Folks,
I have had a good question asked of me today and im stumped.
How can a manager tell if someone has been using their pc running windows xp has been visiting porn sites.They are using interent explorer and the user always clears the history and deletes cookies and clears offline content as well.

Any suggestions?

tell your friend to find his own posrn sites.

stop looking, i just answered my own question

http://www.antichildporn.org/reveal.html


this software is good too
http://www.ecommsec.com/
the software is called parental filter.
this software is cool cos it is a "stealth" software that hides in the pc and blocks the pc from porn sites.you can add extra words to it to block like sex and the user doesnt know its running, till they try and access the sites or search for sites with the adult content.

these both s/w is free.

you are probably going through a firewall to get to the internet and that firewall probably has some logfiles... Might have to get your network guys to help view them or utilize some of their other network related tools ...

tell your friend to find his own posrn sites.

Love to, but the problem is the user spends a lot of company time visiting the sites rather then being productive during a normal payed days work.
if it was done at lunch time i dont think the boss would care, but all employee's did sign an angreement before comencing employment that the interent would *NOT be used for illigal or immoral purposes or be abused.
I think the boss has every right to know whats going on since the document has been signed.

Be aware that if this person is smart enough to deal with the cookies and the cache they may also be smart enough to disable those tools. Looking at the firewall logs, as mentioned above, is the best way. If you are not running some kind of firewall.... well tsk tsk, get one installed pronto and I am not talking about the ones on the individual PCs, I am talking about one controlled by the IT dept that sits on a machine the users don't have access to.

Since unfortunately a big part of my graduate (post graduate) work is in computer forensics and studying anti-forensics.....

Stealth software often uses tools similar to root kits and can create issues allowing the computer to be attacked.

Firewall logs are great, but if the person is using a proxy and or ssl tunneling all you'll see is traffic and no content. (SHMOO does this).

Group policies on the client machine (I'm imagining it is XP), will allow you to stop the user from clearing up their tracks.

Running Ethereal or another packet inspection tool on the network will allow you to see what the user is doing, and there are other tools that allow you do "browse behind" the user without them knowing (dsniff, etc.)

Finally if you want to check the current computer a forensic examiner can use a variety of tools to look at the disk for naughty pictures. Forensic Took Kit, and a variety of other disk forensic tools allow for checking even the deleted content.

K.I.S.S. (Keep It Simple Stupid) Nothing beats the manager just strolling around. The manager should be monitoring employees, that's why he/she gets the big bucks, if for nothing else fear of a workplace harassment lawsuit. If you feel this creates a hostile work environment that's enough to get the manager off his duff.

K.I.S.S. (Keep It Simple Stupid) Nothing beats the manager just strolling around. The manager should be monitoring employees, that's why he/she gets the big bucks, if for nothing else fear of a workplace harassment lawsuit. If you feel this creates a hostile work environment that's enough to get the manager off his duff.

these days managers aren't necessarily in a position to do that. my manager is in portland and i'm in san jose.

of course, i'd NEVER visit a non-work web site during business hours ...

Folks,
I have had a good question asked of me today and im stumped.
How can a manager tell if someone has been using their pc running windows xp has been visiting porn sites.They are using interent explorer and the user always clears the history and deletes cookies and clears offline content as well.

Any suggestions?

The easiest way to tell is to see if they have any custom, or inappropriate bitmaps on their desktop.

Like, uh, this one...

http://www.titleii.com/images/desktop3.jpg

snicker snicker.

The best way, though, is to tell the person they can't use the PC for non-work purposes and you'll fire them if you catch them. Use server side tools & proxies to monitor use. Give them enough work to do so they don't have the free time.

It *is* a huge liability on the part of the company, though. I'm showing the picture above as a bit of tongue in cheek, but if I ever displayed such a photo in a corporate environment, somebody would sue. Wait until a coworker glances at the screen when the employee is looking at an inappropriate site and sues for a hostile work environment.

of course, i'd NEVER visit a non-work web site during business hours ...
So you do like me and wait until after hours...?:p :D

Sorry, couldn't resist!!!;)

The easiest way to tell is to see if they have any custom, or inappropriate bitmaps on their desktop.

Like, uh, this one...

http://www.titleii.com/images/desktop3.jpg



I looked and looked at that picture... Still NO BOAT!!!:confused:

:D :D

I can tell if I'm looking at porn by the naked people :D :eek: .
Is this multiple choice?
Rock

The easiest way to tell is to see if they have any custom, or inappropriate bitmaps on their desktop.

Like, uh, this one...

http://www.titleii.com/images/desktop3.jpg

snicker snicker.

The best way, though, is to tell the person they can't use the PC for non-work purposes and you'll fire them if you catch them. Use server side tools & proxies to monitor use. Give them enough work to do so they don't have the free time.

It *is* a huge liability on the part of the company, though. I'm showing the picture above as a bit of tongue in cheek, but if I ever displayed such a photo in a corporate environment, somebody would sue. Wait until a coworker glances at the screen when the employee is looking at an inappropriate site and sues for a hostile work environment.

i hope you're happy. you've ruined my perfect record of never EVER downloading a pic of a scantily clad woman.

my next stop: aich-ee-double-hocky-sticks.

doh!

The easiest way to tell is to see if they have any custom, or inappropriate bitmaps on their desktop.

Like, uh, this one...

http://www.titleii.com/images/desktop3.jpg

snicker snicker.

The best way, though, is to tell the person they can't use the PC for non-work purposes and you'll fire them if you catch them. Use server side tools & proxies to monitor use. Give them enough work to do so they don't have the free time.

It *is* a huge liability on the part of the company, though. I'm showing the picture above as a bit of tongue in cheek, but if I ever displayed such a photo in a corporate environment, somebody would sue. Wait until a coworker glances at the screen when the employee is looking at an inappropriate site and sues for a hostile work environment.

danbrew,

I know I probably shouldn't ask, but is her face blurred out because she'd be mad that you posted it or just because you weren't interested in that part...?

oh and actually on the topic--use Group Policy so that the user cannot change any of their internet settings including deletion of files, cache clearing, etc. Of course the best thing to do would be install a product like Sentian or Websense at the server level and use group policy on top of it. Sentian is pretty inexpensive and you can run it on Linux (for cost consideration) w/ transparent auth, so until a user is blocked they never know it exists. Both products will restrict use of "proxy" type services used to get around filters and Sentian keeps up with the new ones pretty regularly. Get it done--you're asking for a law suit without it...

Tim

The easiest way to tell is to see if they have any custom, or inappropriate bitmaps on their desktop.

Like, uh, this one...

http://www.titleii.com/images/desktop3.jpg




Ah ha!!

YOU must be the peeping Tom my wife has been complaining about looking thru our loungroom windows at night while she relaxes in front of the TV and i catch up on the posts here at www.bmwlt.com (http://www.bmwlt.com)

SHAME ON YOU!!:p

danbrew,
I know I probably shouldn't ask, but is her face blurred out because she'd be mad that you posted it or just because you weren't interested in that part...?
Tim

She's quite alright with it, of course. I just didn't want any of you joes to run into her on the bus one day and say, "Dayyyyyaaaammmm girl, I seen you nekked."

A sticky keyboard is one good sign :eek:.