August 16th, 2004, 07:00 AM
Clearing all event logs and transaction history
Hey, I'm a computer operator and the network admin that works with me is a real *ss. My question is I don't want him looking at what websites i went to nor do i want him lookijng at any type of event history or ANYTHING i know how to clear event logs, url history, internet files, recent document history, is there anywhere else he would look? I think i have all covered but i'm not the best so any other suggestions after i get it i plan on making a script to clean up this workstation before i go home everyday so.... a litte bit of help would be much appreciated
August 16th, 2004, 07:18 AM
Seems a buit suspicious to me.
Looking at porn on company time?
Just because you clear your event log and other things doens't mean he doesn't have a program on the gateway monitoring urls connections etc.
Just don't mess with your computer, you'll just get into more trouble.
I have people a lot of times that think they hid the websites they visited by doing what you do, but to no avail as theres other means of monitoring what you visit than looking at your logs and internet cache.
August 16th, 2004, 07:24 AM
Well, I have good news for you and bad news also.
1. If your admin is a lazy know nothing sort, the things you are doing will cover you very well.
2. If your admin has anything on the ball at all, you have already been busted and there is nothing you can do to hide your tracks.
System logs (which you can't get to to clean up) will list out every site you have gone to and the exact times and duration of every visit. There are ways that he could even be taking screen shots of the sites you are visiting.
Depending on what kind of acceptable use policy you signed when you started with your company will determine the actions he can take against you.
Kind of scary when you mess up real bad, isn't it?
\"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
August 16th, 2004, 07:50 AM
I gotta go with cheyenne on this: Seem's a little suspicious to me. Whatever websites your going to that you don't want him to know about, why don't you just go on them at home instead of during your time at work. Make's life easier and solves problems.. plus it doesn't give your boss a reason to think your doing anything wrong.
August 16th, 2004, 08:03 AM
Hey, thanks for the tip.
and no i haven't been doing anything wrong at all the admin actually clears all of his logs and history stuff.
I don't look at porn the worst thing i've done yet is probably post messages on this site. It's just the principle if he is going to delete his stuff i'm going to delete mine. He's the type that if you have a computer question he will refuse to share any knowledge of any sort with me. If i have a problem he tells me to ask my boss. nd no I haven't been doing anything wrong......I was looking at the files on his computer and he
August 16th, 2004, 10:49 AM
........ Just walked into the room so I pressed "Submit"....... ROFLMAO......
I was looking at the files on his computer and he
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
August 16th, 2004, 11:16 AM
The idea that clearing local histories will prevent network admins from seeing what you've done is probably about as good as the boogie man myth. I have legions of fools who accept this idea as true. Meanwhile, anyone who understands a shred of networking knows that traffic leaving your local network must pass through other devices. Even if your net admin is a schlub, your firewall admin might be (and likely is) sharp as a blade.
Based on the ignorance explained above, I spend a good deal of my day busting pr0n hounds who thought they were pretty slick by deleting local temporary internet files. They leave quite a large pile of poo in their pants when I drop a nice Websense report on the table which methodically catagorizes all of their horribleness.
Bottom line - If you are at work, you WILL be caught. It's only a matter of time.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
August 16th, 2004, 02:50 PM
Perhaps there is a good web anonymizer site out there that could cover his tracks, that would keep the admin from knowing the names of the sites he visits if all he logs is IPs, but he would have to find one that uses SSL or the admin could sniff the data and see what kind of content it is (and what site it was really going to).
August 16th, 2004, 02:55 PM
Oh dear, i wander if he still has a job
......I was looking at the files on his computer and he
Irongeek, looks like your advice may have come to late
What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry
August 16th, 2004, 03:15 PM
At my last job when I got bored I would simply watch my DNS servers as they resolved. Since I had a list of who had what address I could often catch people in 'real time' surfing to sites they shouldn't. If you want to hear someone freak out call them up about 30 seconds after logging into a porn site at work and say "Why are you logged into www.big****.com?" Oh....you should hear them scramble and stammer.
If DNS didn't catch them, Packeteer would, or Symantec Web Security, or occassionally--if there was an extremely high volume of traffic-- I'd see it in my firewall or IDS logs and look it up.
I'm sure that some stuff got past me, because to be honest, I didn't really care to be the internet police. But the number of people I busted was unbelievable.
Go ahead and clean your local logs. Won't do you a bit of good.