# Monitoring Web Surfing



## Buddi (Jun 27, 2008)

Dear All

i am a new user in this forums.
in my working place we have small network with one win2003 advanced server and work group. the user not logging to server and they are access file server in work group. my problem is still we haven't any firewall or proxy server. some of user they are using the internet highly. downloading software movies songs etc.. i want to monitor there web surfing and what they downloading. please any one can give me good solution for this?
:smile: :smile: :smile:


----------



## af3 (Jun 18, 2008)

Why would you want to monitor their surfing? Prevent it.

- What sites are mission critical?
- What employees do research and require unrestricted access?
- Will putting a 5MB download limit per-file break day to day work related tasks?

The only real way to track usage would be to name every PC, and make a chart of who uses that PC at what times and run a DNS server. You would have to direct the router/switch that connects all the computers to that DNS server and watch the logs.

Mind you, you will see way too many violations to be able to micromanage.

I would get everyone to sign an acceptable usage policy and when they break it, bring it up to the employer if you are technologically unable or legally unable to restrict activity.

The advantages to running your own DNS server would be, logging and custom per-site restrictions. There are sites that can build lists of types of sites to block that you could use in your DNS server provided the software has such a feature implemented.

Well, that is all for now, good luck!

I am not sure if these will help you out, but for some reason Smoothwall and Astaro come to mind, but there may be someone else who can point you in the direction toward an absolute solution.


----------



## Buddi (Jun 27, 2008)

Hi thanks for your prompt reply, 
what i wanna do still i don't want to restrict there surfing. at the moment i wanna monitoring what are the site users mostly access what they downloading what are the software there using with internet. so if it is there any possibility to monitor thees thing in central location. becouse i wanna send the report to my boss what are the users doing with internet and after that hope to install fire wall or proxy server to prevent those things

:smooch:


----------



## af3 (Jun 18, 2008)

Okay.

If you were to install an Open Source DNS server on a spare computer, and configure the top-level router's DNS settings to pull from your local DNS server instead of your ISP's you would be able to log all the requests as a whole, or even individually depending on what DNS software you go with.

I can't recommend any because I have never tried running a DNS server, but I may in the future just for the sake of knowing how to do it.

Another way to do this is to put a hub in between the top-level router and the internet connection (be it an Ethernet T1 handoff or a Cable/DSL modem) and hook a spare PC up to the hub alongside the router and sniff all the port 80 traffic.

Since this is an office setting and the employees don't own the computers, you should legally be able to monitor traffic, but please ask your boss first.


----------



## Buddi (Jun 27, 2008)

hi

i have no any idea about open source DNS servers. so how can i find open source dns server. if you know any product can you Suggests any one what you know.


----------



## af3 (Jun 18, 2008)

As I stated earlier, I can't recommend any because I have never tried running a DNS server.

Try using a search engine. Snapfiles.com has a bunch of powerful freeware and shareware.


----------



## af3 (Jun 18, 2008)

Another thing you could do would be to put two PCI NICs in a spare PC, and run all the traffic through that computer using internet connection sharing (ICS) and use this:
http://www.snapfiles.com/get/msnetmon.html

I am not completely sure about this, but the clients being run through ICS may lose any port forwarding configurations in effect, so you should exclude any on-site server in your snooping mission.

A hub would be the easiest way to monitor as it repeats all traffic to all of its Ethernet connectors.

To help convince the boss, a business proxy would:
-Speed up work related internet activity
-Protect the network from data compromise by blocking attack sites
-Extend work stability, preventing time-outs due to network congestion
-Reduce the amount of re-imaging you may be doing on infected machines


----------



## V0lt (Sep 14, 2002)

I don't think looking at this technologically will pay off in the long run. If your users are technologically inclined, they will always be able to find a way around your limits. What you should do is advise the management to warn and then fire those who are torrenting and pirating things. Once someone gets fired, the rest of them will get the message.


----------



## af3 (Jun 18, 2008)

That would work too, but they would need proof to justify the dismissal in case the employee were to initiate a lawsuit.

This happens all too much, I heard one that would make your shoes fall off. Remember that "internet addiction" case in news or am I mistaken in thinking that would have ended up in the midstream media?

Other things one could do would be to remove all CD/DVD burners in workstations and replace them with read-only devices. Another would be to only use PS-2 keyboards and mice and disable the USB hub on all machines. Oh, and don't allow users local admin rights, and be sure to disable audio!

Sure they can download it, but what will they do once they get the content?

Nevertheless, shouldn't logging be implemented by default? ISPs keep years worth of DNS logs, don't they?


----------



## V0lt (Sep 14, 2002)

Lol, I think removing all the USB ports would be a bit of a stretch... I'm only an intern at my company, and I've already used usb _loads_ of times for my unicomp keyboard and flash drive.

I don't know if commercial ISPs hold themselves to the same standard as residential ISPs do as far as tracking goes. 

Although there have been some really ridiculous lawsuits, I don't think there's any sort of statute that protects addiction to illegally downloading movies and music 

In fact, a company would do well to simply report its employees who pirate materials to the copyright holders. That will get them more than fired.


----------



## af3 (Jun 18, 2008)

Not removing, disable them in SYSDM.
YES! Report them to copyright holders!!! XD


----------



## Buddi (Jun 27, 2008)

as you said if i ICS can monitoring real time accessing? and also i need to monitor which LAN IP access that particular web site.


----------



## af3 (Jun 18, 2008)

I am not sure about ICS. I have not used it too much. I would rather buy a hub for an operation like this.


----------

