Need to monitor all users' web surfing? (no cost (or low cost))

  • Thread starter Thread starter OscarVogel
  • Start date Start date
O

OscarVogel

I'm looking for an open source software that can monitor each user's web
surfing. For example, I want to be able to generate a report which lists
all the web sites that each user has visited over a 1 week (or 1 day, or 1
month) period.

We have a small network of 50 users who connect to the internet through SBS
2003 STANDARD Edition. The SBS connects to the internet through our Linksys
router.

I'd prefer an open source solution, but 30 day trial would be almost as
good.

Thanks!
 
OscarVogel said:
I'm looking for an open source software that can monitor each user's web
surfing. For example, I want to be able to generate a report which
lists all the web sites that each user has visited over a 1 week (or 1
day, or 1 month) period.

We have a small network of 50 users who connect to the internet through
SBS 2003 STANDARD Edition. The SBS connects to the internet through our
Linksys router.

I'd prefer an open source solution, but 30 day trial would be almost as
good.

Thanks!
Click to expand...
Logging each and every URL for every user would be very log-file
intensive. Why do they connect through a W2K3 server if you have a
hardware NAT router? If you suspect someone of surfing to specific
URL(s), you could use many open source packages to monitor/log that.
Snort (there's even a Windows version), but an awful lot to set up and
tweak. ntop (Linux) will show you most visited sites and tell you the IP
address - if you have reverse zones configured it'll look up the names
for you. The free one-sensor version of PRTG (Windows) will show you
bandwidth to/from any particular IP address so you can see if anyone's
visiting it. Squid (proxy for Linux) can probably be configured to log
EVERYTHING if you really want, but you'd give up your W2K3 as router or
add it in as another hop. I suppose if all of the traffic flows through
the W2K box anyway, a Windows solution would be best. How about a
firewall that only allows surfing to approved sites (I know that won't
work for many businesses)?

....kurt
 
Your assumption is incorrect, but understandable. It's not really about
lack the need or the money.

The primary reason why I want it for free is because I don't want to ask the
owners to pay for it. They would probably gladly pay for it, but then
they'd be asking for reports, and whether or not the reports can include
this or that feature, etc. For now I'd rather keep it as a side project,
that I can work on in my spare time. That way I can set up the monitoring,
make sure I understand the capabilities, work out any issues, etc all on my
own time schedule. Then I can decide whether or not I want to offer to
provide them with reports. That explains why I mentioned that a "30 day
trial would be almost as good."

Thanks for giving me the opportunity to clarify.
 
In my experience, the type data gathering you need is so cumbersome in its
raw form as to be almost unusable. Especially if someone intends on taking
any sort of action on an individual based on it.

Even though network firewalls do in fact gather this info, they are almost
unreadable without an add-on ($) tool to parse the info for your intended
use.

There are a lot of other things that go into this. One being the proper
configuration of the workstation to audit logins/logoffs (and a utility to
easily parse them - if you don't want to pull your hair out ready every
entry trying to find the one you're looking for).

Bottom line (for me) is if I need this info and expect to be able to use it
in any official capacity, I know I'm going to need a good firewall and a
good log interpreter. Neither one is cheap.

I have, in the past, used a perl script to parse this type of info from a
firewall log. The perl script was free on the net, the firewall was a very
expensive one.

Just my experience.

-Frank
 
OscarVogel said:
Your assumption is incorrect, but understandable. It's not really about
lack the need or the money.

The primary reason why I want it for free is because I don't want to ask
the owners to pay for it.
Click to expand...

If the owners did not ask you for this kind of spying, why are you looking
at spying on these users???????

They would probably gladly pay for it, but then
they'd be asking for reports, and whether or not the reports can include
this or that feature, etc. For now I'd rather keep it as a side project,
that I can work on in my spare time. That way I can set up the
monitoring,
Click to expand...

Again, why. You are infringing on the privacy of others without the owners
permission. If you want to monitor internet access, get the owners involved,
and then notify the users that their internet surfing will be monitored.
make sure I understand the capabilities, work out any issues, etc all on
my own time schedule. Then I can decide whether or not I want to offer to
provide them with reports. That explains why I mentioned that a "30 day
trial would be almost as good."
Click to expand...

And again, unless you get the owners permission to spy on their users, you
are being very suspect in your actions and motives
 
Dana,

Thanks for your comment. I agree that monitoring an employee's web access
involves valid ethics concerns regarding privacy rights, etc. I feel
comfortable that what I want to do in this particular situation is ethical.
And of coarse, I don't have any doubt that it's legal. So at this point, if
you have any expertise to offer about how to actually to get this done, I'd
be very appreciative.

Sincere Regards,

Oscar Vogel
 
Not at low cost or no cost, unless there is a Linux solution you like,...but I
don't do Linux.

MS ISA Server is an excellent product and has vast capabilities, but even it by
itself does not make monitoring a particular user easy to do. There is an
add-on made by GFI that runs on ISA that adds more of that functionality to ISA.

None of this is cheap.

--
Phillip Windell
www.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft, or
anyone else associated with me, including my cats.
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp

Microsoft ISA Server Partners: Partner Hardware Solutions
http://www.microsoft.com/forefront/edgesecurity/partners/hardwarepartners.mspx
-----------------------------------------------------
 
If your server is between the users and the internet router and you are
running SBS2003, your reporting services should monitor web/e-mail access
quite nicely.
 
I don't believe it is open source but it is free. FreeProxy will allow you
to log all connections. You can isnstall it on your sbs server and set the
router to allow web connections from your sbs server only. That will keep
your users from bypassing it by changing their proxy settings. You will
likely have to export the logs to a spreadsheet to get the types of reports
you want. Google for it.
Louis
 
Back
Top