karthikenator Posted July 20, 2008 Share Posted July 20, 2008 I need to monitor the online activities in my PC(online activities specific to an user account) and generate a report kinda thing which gives the info on the websites visited and the time spent on them. I know lot of geeks around here, can someone help me on this? Quote Link to comment Share on other sites More sharing options...
Sparda Posted July 20, 2008 Share Posted July 20, 2008 Setup a squid proxy then use cacti to view the summarised results. Quote Link to comment Share on other sites More sharing options...
karthikenator Posted July 20, 2008 Author Share Posted July 20, 2008 Thanks Sparda, I am not fond of setting up a proxy or any other tools to do this, i would like to know if this is possible with batch scripts in Windows. I believe batch scripts are powerful enough to do this. Quote Link to comment Share on other sites More sharing options...
Sparda Posted July 20, 2008 Share Posted July 20, 2008 I believe batch scripts are powerful enough to do this. The phrase "No matter how much you believe it, that doesn't make it true." seems applicable. ;) You need a way of monitoring web activity, Windows can't do this by it's self. Often third party 'parental control and monitoring' software will install a proxy on the local computer to archive all that it does. This can be bypassed easily usually. You can setup what ever web browser you have installed to keep a history of all pages visited, but it's easy enough for some one to delete such things or not use the web browser you set up at all. Setting up a proxy and forcing the computer to only access the Internet via the proxy makes it platform neutral, even if some one goes to the effort of reinstalling windows or booting a live Linux distro they still have to use the proxy and you still know what they did. Quote Link to comment Share on other sites More sharing options...
silentknight329 Posted July 21, 2008 Share Posted July 21, 2008 ok there is a cmd for your terminal on windows called netstat... when you type it it will give you a list of online activities i beleive netstat -o is the one you are looking for.. then it will give you some info.. then in task manager go to processes and make sure you can see PID it will tell you which program is using wich port.. dunno thought that that might have helped Quote Link to comment Share on other sites More sharing options...
Shaun Posted July 21, 2008 Share Posted July 21, 2008 ok there is a cmd for your terminal on windows called netstat... when you type it it will give you a list of online activities i beleive netstat -o is the one you are looking for.. then it will give you some info.. then in task manager go to processes and make sure you can see PID it will tell you which program is using wich port.. dunno thought that that might have helped That won't work because that will only give you the IP/hostname of the server and not the actual website URL. Any websites on shared servers using name-based virtual hosts wouldn't show up properly. Also it's quite slow which would impede its use even if that weren't a problem. Sparda's answer is probably the most robust and secure. The only other way I would think about doing it is with a browser plugin or extension, but this is more easy to circumvent because you can just use another browser or even just disable the extension. Quote Link to comment Share on other sites More sharing options...
shido Posted July 21, 2008 Share Posted July 21, 2008 hi i was thinking of the stndard evnet viewr but like u said they can just use another browser so it renders that option useless. What exactly do you want? do you want a log or a real time scanner to see exactly whats going on?? I would advise a keylogger or something like that but then again all AV's see it as malicious content. Other then that you can always just download a third party app to monitor web activity, these apps usually log all sites visited and time spent on the site, youll find tons of them if you google something like web activity monitor. As for the netstat command on windows you can always use it then let it give a log in a text file then you copy the ip address and go to this one site that changes IP to host name Quote Link to comment Share on other sites More sharing options...
Shaun Posted July 21, 2008 Share Posted July 21, 2008 As for the netstat command on windows you can always use it then let it give a log in a text file then you copy the ip address and go to this one site that changes IP to host name That won't work properly on shared hosting as I've said, because you can have hundreds of sites sharing the same IP with the Host header telling the server one the user wants, but that won't be displayed by netstat. Quote Link to comment Share on other sites More sharing options...
shido Posted July 21, 2008 Share Posted July 21, 2008 that wont but the site will Quote Link to comment Share on other sites More sharing options...
shido Posted July 21, 2008 Share Posted July 21, 2008 try this site to see what i mean but ok maybe im misunderstanding you...if not i hope the link below helps Helping out Shaun :) Quote Link to comment Share on other sites More sharing options...
digip Posted July 21, 2008 Share Posted July 21, 2008 Sparda is right, squid is probably one of the quickest and easiest ways to do this, plus they have cross platform versions of it available depending on the OS you are running. Not the simplest to setup, but probably the widespread proxy used. http://www.squid-cache.org/Download/binaries.dyn Alternatively if you are just using this on one machine, at home or work, and not on a network for users who run over a corporate lan or their firewall there are alternatives for single pc use. Something like http://www.softx.org/h-monitor.html which, and I quote "provides a complete log of visited web sites and used Internet programs." which seems like it's what you are looking for. It's not free though. I never used it, so I can't vouche for it's effectiveness or security, but might be worth a look. Quote Link to comment Share on other sites More sharing options...
Xarf Posted July 21, 2008 Share Posted July 21, 2008 Setup a domain with a windows server, restrict access to internet options, control panel options, etc etc. Setup Privoxy on the server and route all internet traffic through the proxy via Internet options. Then you can just view Privoxy logs for web pages visited, when etc. The user also cant change the fact that internet traffic is routed via the proxy as they have no access to IE options (Locked down via domain user controllers). It's complex, but possibly the best method :P Quote Link to comment Share on other sites More sharing options...
Sparda Posted July 21, 2008 Share Posted July 21, 2008 It's complex, but possibly the best method :P and defeated by a live disk. Quote Link to comment Share on other sites More sharing options...
Xarf Posted July 21, 2008 Share Posted July 21, 2008 and defeated by a live disk. So put a BIOS password on and disable boot selection, disabling the CD drive as a boot option. However, I doubt that the users we're talking about will be packing live CDs. Quote Link to comment Share on other sites More sharing options...
Sparda Posted July 21, 2008 Share Posted July 21, 2008 disable boot selection Allot of BIOS don't have that as a feature, and BIOS that I have run in to that do support it are fun, becasue you can usualy plug in a external CD drive and it will be enabled by default. The cheaper option is to install GRUB to a USB flash drive, boot off the flash drive, then use GRUB to boot off the built in CD drive. Quote Link to comment Share on other sites More sharing options...
digip Posted July 21, 2008 Share Posted July 21, 2008 Are we talking about ways to defeat things or ways to log traffic? Everything has a weakness, but having squid on a machine that all of the lan runs through kind of defeats any way of thwarting it other than tunneling your traffic, (which again can be stopped with a good proxy and firewall) or having physical access to make changes. My work can block all tunneled traffic via their proxy and web filtering software. Even VPN's are blocked. If you have physical access to a machine or the proxy/firewall then there is no security.A dedicated user who wants to do something you have tried to block against will find a way to thwart it. Quote Link to comment Share on other sites More sharing options...
Zimmer Posted July 24, 2008 Share Posted July 24, 2008 Ah but some would have live cd's hell if my parents put monitoring software I would be fine booting into linux on my laptop. Plus I would probably now how to put the BIOS password. I doubt they would now what the hell I'm talking about! Now if I could only boot through USB without kernel panics or live cd prerequisite Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.