how to check webpage history (looking for inapropriate site access at work)

Discussion in 'Windows Desktop Systems' started by VenomXt, Mar 15, 2005.

  1. VenomXt

    VenomXt Blame me for the RAZR's Folding Team

    Messages:
    3,453
    Location:
    Houston, Texas
    i need to check a employees laptop for inapropriate material. But io dont have his logon password. Can i do this from the administrative account. I know i can do wildcard searches and such but what i really need is web history. and times of web page access any ideas?
     
  2. jimi_81

    jimi_81 Moderator Political User

    Messages:
    820
    Location:
    Stoney Creek, ON, Canada
    hmm
    is this what they got you doing for your co-op job?
    ;)
    snitchin eh

    hehe
    jokes!
     
  3. VenomXt

    VenomXt Blame me for the RAZR's Folding Team

    Messages:
    3,453
    Location:
    Houston, Texas
    they pay well... And these are union guys jacking around.. so.. any real help?
     
  4. mlakrid

    mlakrid OSNN BASSMASTER Political User Folding Team

    Easiest thing is to search for the cookies.... most people dont think to delete them
    do a search for *cookie* and it should find all of them.. then check the corresponding names and use the date/time stamp to see who had them the day of the stamp.
     
  5. Lee

    Lee OSNN Proxy

    That's like against the law.
     
  6. jimi_81

    jimi_81 Moderator Political User

    Messages:
    820
    Location:
    Stoney Creek, ON, Canada
    probably not in america.
     
  7. ming

    ming OSNN Advanced

    Messages:
    4,252
    Location:
    UK
    Can't you just check the history folder?
     
  8. jimi_81

    jimi_81 Moderator Political User

    Messages:
    820
    Location:
    Stoney Creek, ON, Canada
    what about something like a desktop search using msn or google?
    if you did a search for pron, wouldnt it find it?

    ive never used it, so please disregard this msg if i am absolutely wrong.

    thanks
     
  9. jimi_81

    jimi_81 Moderator Political User

    Messages:
    820
    Location:
    Stoney Creek, ON, Canada
    I guess it would depend if the my document folder allows access to outside users...
     
  10. mlakrid

    mlakrid OSNN BASSMASTER Political User Folding Team

    COOKIE_ID24.73.193.82-1366301568.29637042cookie.monster.com/1024
    14789708830371297133688156829637042*

    Something like this would be listed... in the cookie double-click to open if you dont know the name of the site... or its ambiuous.. then go back to the search and look at the date/time the cookie was created...

    If you dont know use the IP as you can see I made the IP visible in the cookie you can type in the IP in your web browser and go directly to the site in question sometimes... I say that because I tried it from this cookie and it did not work, even though i know where I went for this cookie which is why I used it..
     
  11. VenomXt

    VenomXt Blame me for the RAZR's Folding Team

    Messages:
    3,453
    Location:
    Houston, Texas
    on a personal laptop yes on a corp one noo way. thanks.
     
  12. mlakrid

    mlakrid OSNN BASSMASTER Political User Folding Team

    Also, you can do an NSLookup on the site... so do a ping or nslookup and it will give you the corresponding IP for the site..

    To do that do a run under the prompt type cmd (press enter)

    then type:

    nslookup osnn.net (or website in question)

    Server: gd-main01.gd-centcom.com
    Address: Sorry my IP is restricted....
    Name: osnn.net
    Address: 70.84.96.186

    See its that easy...
     
  13. VenomXt

    VenomXt Blame me for the RAZR's Folding Team

    Messages:
    3,453
    Location:
    Houston, Texas
    sigh.. I hate doing this but whoever lap this is is going to be fired thanks guys.
     
  14. mlakrid

    mlakrid OSNN BASSMASTER Political User Folding Team

    Hehe
    I can find anywhere you been even if you delete the website from the PC, we keep a cached copy of cookies going to PCs for this very reason... it wouldnt be good for a government employee walked by and I was looking at Bigtitties.com
    LOL
    :D
     
  15. mlakrid

    mlakrid OSNN BASSMASTER Political User Folding Team

    that reminds me... I should delete all my cookies and do the same on the server... being I have Domain Admin RIGHTS

    BWHAHAHAHAA

    I wouldnt want them knowing I looked at monster.com while I was at work...
     
  16. Electronic Punk

    Electronic Punk Administrator Staff Member Political User Folding Team

    Messages:
    18,590
    Location:
    Copenhagen, Denmark
    Tends to be in

    C:\Documents & Settings\<username>\Local Settings\History

    You could also check the cookies. (either on the machine or server, if the profile is roaming)

    The local settings folder does not get uploaded to the server with a romain profile by default.
     
  17. VenomXt

    VenomXt Blame me for the RAZR's Folding Team

    Messages:
    3,453
    Location:
    Houston, Texas
    appreciate everyone response mlakrid already repped you but thanks again. :)

    to clarify the search was warranted by something else we don’t randomly check computers. But legally i guess companies can. Anything on a business computer is usually considered business property. just food for thought.
     
  18. American Zombie

    American Zombie Moderator Staff Member Political User

    Messages:
    2,931
    Location:
    Seattle
    What a lot of people overlook is the index.dat files as they will contain URL's as well as other info and you can not delete the index.dat files while in Windows.
     
  19. mlakrid

    mlakrid OSNN BASSMASTER Political User Folding Team

    Well KINDA... you cant erase index.dat files using the OS... there are plenty of commercial utilities to do so...

    Example: Tracks Eraser and Tracks Eraser PRO which can be found at:


    http://www.acesoft.net/delete_index.dat_files.htm
     
  20. VenomXt

    VenomXt Blame me for the RAZR's Folding Team

    Messages:
    3,453
    Location:
    Houston, Texas
    CCleaner :) does it all in one swoop and free.