|
-
July 16th, 2004, 06:34 PM
#1
History
Hi,
I work for a company and I am in the network support group, Some of the employees some times have problems with the Internet explorer, this happens because they browse evry possible site in the world, All of us know that we can view the files in the History folder. So i requested them to avoid going to certain sites. but....... , All of a suden they have started clearing the history foldes and the temporary internet files folder also the cookies, so now I cannot complain, We plan to put the ISA server , but that will take time, is there any way by which i can recover the history or the temporary internet files..... it's not that important, But is it possible ?
Thanks in advance
MRG.
-
July 16th, 2004, 06:43 PM
#2
What OS are you guy's working off? To my knowledge, I don't think you can recover History/Temp Internet File's unless you use System Restore (WinMe and above) to go back to an earlier point in time on your system. However, you should alert the employee's that you know they are browsing the site's you told them not to because they are deleting the file's. In that sense, tell them not to or you will automatically assume that they are on those site's. That should make them stop.
-
July 16th, 2004, 06:51 PM
#3
Proxy might be the way to go here.
There are free/cheap proxies to put in until ISA can go in also.
Can you change your firewall logs?
On many firewalls, you can log a more verbose level which can then include the internal IP and the
destination URL. Send it to a syslog server for collection.
Often the URL only includes the destination IP like http://#.#.#.#/somesmut.html
but it can be a cheap way to gather surfing info.
-
July 16th, 2004, 08:20 PM
#4
I kind of like spyder's answer here, except that I would not assume guilt, since this can get you into legal troubles. The way to attack this is multi-fold. First you need to create a policy stating that end users are forbidden to clear Internet History, event logs, etc... from their system without prior managerial concent. If the policy is violated you revoke their rights to Internet access for a month. Most will comply after that. In addition to the ISA server you will probably want to install a system to monitor and restrict access to questionable sites, and receives daily updates for acceptable sites. You will also need a logon banner stating that system usage is monitored, and don't forget the appropriate acceptable usage policies signed by the employees.
Don't mean to sound like I'm rambling here, but these are most of the things that companies have to do in order to protect themselves from lawsuits. All it takes is one sexually explicit picture viewed by the wrong person at the wrong time and you will find youself on the wrong end of a litigation process. Just IMHO.
The mentally handicaped are persecuted in this great country, and I say rightfully so! These people are NUTS!!!!
-
July 16th, 2004, 08:28 PM
#5
I agree with overduespy's answer , but the maximum that I can do is to tell the network administrators of this (which I have done), and it really depends upon them to decide on... for there is nothing in my hands. The OS in Win 2k professional service pack 4.
MRG.
-
July 16th, 2004, 08:39 PM
#6
Hello mrg81,
Deleting cookies and clearing the history does not completly wipe your history out going forward from win NT (maybe earlier versions too [don't have on handy to check]). There is a file called index.dat located in c:\profiles\<logon ID>\..(someplace) c:\documents and settings\<logon ID>\cookies 2k/XP.
The beautiful think about this file is that you cannot delete it and it logs all cookies, visited websites and a few other things. You can grab an index.dat viewer from mutliple sources (google it).
It is possible to modify the contents of the file but the size cannot change. It might be your friend.
I was quite annoyed by the lack of privacy then I thought to myself my employer pays me to do a job and I am using bandwidth paid for by them. So, I guess my employer can spy on me -don't like it but it is there right.
Best Regards,
Duncan
If you spend more on coffee than on IT security, you will be hacked. What\'s more, you deserve to be hacked.
-- former White House cybersecurity adviser Richard Clarke
-
July 16th, 2004, 08:58 PM
#7
Some of the employees some times have problems with the Internet explorer, this happens because they browse evry possible site in the world, All of us know that we can view the files in the History folder. So i requested them to avoid going to certain sites. but....... , All of a suden they have started clearing the history foldes and the temporary internet files folder also the cookies, so now I cannot complain, We plan to put the ISA server , but that will take time, is there any way by which i can recover the history or the temporary internet files..... it's not that important, But is it possible ?
You can still be able to see where the employess are surfing by using the Windows Registry. Heres how:
1. Click on start go to run, and type regedit. Click OK. This will open (Registry Editor).
2. Expand in turn the registry keys "HKEY_CURRENT_USER", "software", "Microsoft", and "Internet explorer" on the left side of the display, click once on "Typed URLS" to select it.
3. On the right hand side you will see all the typed URLS.
4. To edit this all you have to do is double click on the URL# (# = number) and updating the "value data" in the edit string box.
5. To delete entries select the URL in the name column and choose edit delete or you can press delete key on the keyboard. If you have any promblems with this hopefully this pic will help. Hope this helps Computernerd22
-
July 16th, 2004, 09:12 PM
#8
Originally posted here by Computernerd22
You can still be able to see where the employess are surfing by using the Windows Registry. Heres how:
1. Click on start go to run, and type regedit. Click OK. This will open (Registry Editor).
2. Expand in turn the registry keys "HKEY_CURRENT_USER", "software", "Microsoft", and "Internet explorer" on the left side of the display, click once on "Typed URLS" to select it.
3. On the right hand side you will see all the typed URLS.
4. To edit this all you have to do is double click on the URL# (# = number) and updating the "value data" in the edit string box.
5. To delete entries select the URL in the name column and choose edit delete or you can press delete key on the keyboard. If you have any promblems with this hopefully this pic will help. Hope this helps Computernerd22
No, clearing your history, offline content, and whatnot makes this key go away until another URL is typed...
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
