Jump to content

Monitor Online activities

karthikenator

By karthikenator
in Everything Else

 Share

Recommended Posts

Sparda Newbie

Sparda

Posted
Posted
I believe batch scripts are powerful enough to do this.

The phrase "No matter how much you believe it, that doesn't make it true." seems applicable. ;)

You need a way of monitoring web activity, Windows can't do this by it's self. Often third party 'parental control and monitoring' software will install a proxy on the local computer to archive all that it does. This can be bypassed easily usually.

You can setup what ever web browser you have installed to keep a history of all pages visited, but it's easy enough for some one to delete such things or not use the web browser you set up at all.

Setting up a proxy and forcing the computer to only access the Internet via the proxy makes it platform neutral, even if some one goes to the effort of reinstalling windows or booting a live Linux distro they still have to use the proxy and you still know what they did.

Link to comment
Share on other sites
silentknight329 Newbie

silentknight329

Posted
Posted

ok there is a cmd for your terminal on windows called netstat... when you type it it will give you a list of online activities i beleive netstat -o is the one you are looking for.. then it will give you some info.. then in task manager go to processes and make sure you can see PID it will tell you which program is using wich port.. dunno thought that that might have helped

Link to comment
Share on other sites
Shaun Newbie

Shaun

Posted
Posted
ok there is a cmd for your terminal on windows called netstat... when you type it it will give you a list of online activities i beleive netstat -o is the one you are looking for.. then it will give you some info.. then in task manager go to processes and make sure you can see PID it will tell you which program is using wich port.. dunno thought that that might have helped

That won't work because that will only give you the IP/hostname of the server and not the actual website URL. Any websites on shared servers using name-based virtual hosts wouldn't show up properly. Also it's quite slow which would impede its use even if that weren't a problem. Sparda's answer is probably the most robust and secure. The only other way I would think about doing it is with a browser plugin or extension, but this is more easy to circumvent because you can just use another browser or even just disable the extension.

Link to comment
Share on other sites
shido Newbie

shido

Posted
Posted

hi i was thinking of the stndard evnet viewr but like u said they can just use another browser so it renders that option useless. What exactly do you want? do you want a log or a real time scanner to see exactly whats going on?? I would advise a keylogger or something like that but then again all AV's see it as malicious content.

Other then that you can always just download a third party app to monitor web activity, these apps usually log all sites visited and time spent on the site, youll find tons of them if you google something like web activity monitor.

As for the netstat command on windows you can always use it then let it give a log in a text file then you copy the ip address and go to this one site that changes IP to host name

Link to comment
Share on other sites
Shaun Newbie

Shaun

Posted
Posted
As for the netstat command on windows you can always use it then let it give a log in a text file then you copy the ip address and go to this one site that changes IP to host name

That won't work properly on shared hosting as I've said, because you can have hundreds of sites sharing the same IP with the Host header telling the server one the user wants, but that won't be displayed by netstat.

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted

Sparda is right, squid is probably one of the quickest and easiest ways to do this, plus they have cross platform versions of it available depending on the OS you are running. Not the simplest to setup, but probably the widespread proxy used.

http://www.squid-cache.org/Download/binaries.dyn

Alternatively if you are just using this on one machine, at home or work, and not on a network for users who run over a corporate lan or their firewall there are alternatives for single pc use. Something like http://www.softx.org/h-monitor.html which, and I quote "provides a complete log of visited web sites and used Internet programs." which seems like it's what you are looking for. It's not free though. I never used it, so I can't vouche for it's effectiveness or security, but might be worth a look.

Link to comment
Share on other sites
Xarf Newbie

Xarf

Posted
Posted

Setup a domain with a windows server, restrict access to internet options, control panel options, etc etc.

Setup Privoxy on the server and route all internet traffic through the proxy via Internet options.

Then you can just view Privoxy logs for web pages visited, when etc.

The user also cant change the fact that internet traffic is routed via the proxy as they have no access to IE options (Locked down via domain user controllers).

It's complex, but possibly the best method :P

Link to comment
Share on other sites
Xarf Newbie

Xarf

Posted
Posted
and defeated by a live disk.

So put a BIOS password on and disable boot selection, disabling the CD drive as a boot option.

However, I doubt that the users we're talking about will be packing live CDs.

Link to comment
Share on other sites
Sparda Newbie

Sparda

Posted
Posted
disable boot selection

Allot of BIOS don't have that as a feature, and BIOS that I have run in to that do support it are fun, becasue you can usualy plug in a external CD drive and it will be enabled by default. The cheaper option is to install GRUB to a USB flash drive, boot off the flash drive, then use GRUB to boot off the built in CD drive.

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted

Are we talking about ways to defeat things or ways to log traffic? Everything has a weakness, but having squid on a machine that all of the lan runs through kind of defeats any way of thwarting it other than tunneling your traffic, (which again can be stopped with a good proxy and firewall) or having physical access to make changes.

My work can block all tunneled traffic via their proxy and web filtering software. Even VPN's are blocked.

If you have physical access to a machine or the proxy/firewall then there is no security.A dedicated user who wants to do something you have tried to block against will find a way to thwart it.

Link to comment
Share on other sites
Zimmer Newbie

Zimmer

Posted
Posted

Ah but some would have live cd's hell if my parents put monitoring software I would be fine booting into linux on my laptop. Plus I would probably now how to put the BIOS password. I doubt they would now what the hell I'm talking about! Now if I could only boot through USB without kernel panics or live cd prerequisite

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...