Go Back   Computer Forums > General Computing > Networking | DNS
Join Computer forums Today

Thread Tools Search this Thread Display Modes
Old 07-19-2010, 03:37 PM   #1
In Runtime
Join Date: Aug 2006
Posts: 102
Default Montior network activity...Witeshark?

We are a small company, 15 people and by default since I am now the most computer savy person here (the last network administrator decided to quit) I am being left in charge until we find someone else new to take over. I know that a lot of people are doing personal stuff on the clock and I want to stop that or at least have some proof to show to the boss to make him aware and be able to back it up.

I was thinking WireShark might be what I want to use. We have 11 computers that are wired on the LAN and we have 4 that are always on an open wifi connection (these are not used for anything sensitive and is set up in a "Y" configuration so that there is no access to the LAN from those.

I want to know the best way to monitor what is going through the network but I will admit I am more versed in web design, now network administration. All I really care about is being able to see what computer (name or IP Address is fine) is going to what websites. I don't care about logging logins and passwords, just knowing the destination they are traveling to.

The main reason is there is one person that I know has been going to some sites that are in the adult genera. I was doing a little work on it and went to the history and what do you know...adultmatch.com. This is being done on a company issued laptop and going through the company T1. I didn't have the time to take a screen shot of it and now I notice that he is deleting his history every time he closes Firefox.

Can anyone give me some advice as to what the best software would be for doing this? And for all the legal blah blah blah, it is written down in the company policy that all email and network traffic is subject to monitoring. I just don't want to spend $50 for some kind of software to monitor the laptop and then send me reports on what is happening. I want to be able to do it in as close to as real time as possible.

BrianS is offline   Reply With Quote
Old 07-19-2010, 04:10 PM   #2
Site Team
berry120's Avatar
Join Date: Jul 2009
Location: England, UK
Posts: 3,422
Default Re: Montior network activity...Witeshark?

Perhaps not what you were after - but perhaps a simpler solution would be to grab a list of sites you don't want people visiting and block them all?

Save the whales, feed the hungry, free the mallocs.
berry120 is offline   Reply With Quote
Old 07-19-2010, 04:28 PM   #3
In Runtime
Join Date: Aug 2006
Posts: 102
Default Re: Montior network activity...Witeshark?

That would work but I don't want to just block the site. I want to bring it to the attention that it is being visited. People have been fired/reprimanded before for playing WoW on company computers during company hours and we have a very low tolerance on stealing company time. So that site will be blocked eventually but the standard is to catch the person, confront them with proof and act accordingly and then block the site for future use. The old network admin had done that a couple times but when he left, he left everything in a total mess and I am not sure what he used to monitor the network.
BrianS is offline   Reply With Quote
Old 07-25-2010, 05:00 AM   #4
Daemon Poster
CrackerJacker's Avatar
Join Date: Jun 2006
Location: USA
Posts: 986
Send a message via Skype™ to CrackerJacker
Default Re: Montior network activity...Witeshark?

Bump.. If anyone has a answer to this. I'm really interested to know of good software too. I'll do some research

BTW, WoW should be fairly easy to block people from using. From what I remember.. WoW is setup to login to a certain address from the start. I forgot what that address was, like Server.Worldofwarcraft.com (I don't think it's that) But if you block that domain, it should prevent them from logging in.
USAF KC-135R Crew Chief
i7 2770 @ 3.4ghz, Geforce GTX 560 ti, 8GB DDR3 1600, SSD 120gb, cup holder
I would imagine if you could understand Morse Code, a tap dancer would drive you crazy
CrackerJacker is offline   Reply With Quote
Old 07-25-2010, 07:49 AM   #5
Site Team
iPwn's Avatar
Join Date: May 2010
Location: USA
Posts: 3,671
Default Re: Montior network activity...Witeshark?

I know that my organization uses WebSense to monitor activity of users while on the net. While running a few Google searches I came across some sites that, apparently WebSense blocks it's competitors websites. One such site, that I was only able to read the description of the service through the Google short description, was www.spectorsoft.com. May be worth checking out. I'll talk to my friends in IT and see exactly what software package they use and what ability it provides.
Humans are the only creatures that won't live up to the their potential. Give everything your all. When you die, die on E.

So I ask you, what do you intend to do now?
iPwn is offline   Reply With Quote
Old 07-29-2010, 12:00 PM   #6
Site Team
root's Avatar
Join Date: Mar 2004
Posts: 7,872
Default Re: Montior network activity...Witeshark?

web sense is good software
you can also use microsofts Isa server, or the new version of it called threat management gateway.

then there are free proxy servers like squid or privoxy.

Wireshark will tell you what sites people are going to, but really the log files are going to be too massive to analyze.

what you need is a proxy server,

you install a proxy server then tell it to log all traffic, this will record what traffic pass through the proxy server, like the machine that's requesting a website and what site it's visiting.

once you've got your list of sites that people are visiting then you can use the same proxy software to ban certain sites.

one of the great things about websense is that they actively search out sites so you can block them by category. this means that you can block a category of adult sites or gambling or internet banking for example.

then you don't have to maintain a list in house of all the sites that fit into that category.

there is however a charge for this list that constantly updates.

I didn’t fight my way to the top of the food chain to be a vegetarian…
Im sick of people saying 'dont waste paper'. If trees wanted to live, they'd all carry guns.
"The inherent vice of capitalism is the unequal sharing of blessings; The inherent vice of socialism is the equal sharing of miseries."
root is offline   Reply With Quote

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

All times are GMT -5. The time now is 06:35 AM.

Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2016, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0