Solved

Low cost or free "sites accessed" activity monitor

Posted on 2002-07-23
13
202 Views
Last Modified: 2010-04-11
Looking for something that would allow the owner of a small business (with 10 machines) to "check" on internet activity.  Basically wanting to insure that employees are not wasting inordinate amounts of time on the net.  All users are "allowed" to go on the net and they have legitimate needs to do so.  Something as simple as the boss being able to review (from his desk) their history files would be adequate IF they could not easily circumvent it.

This is a simple NT/Win98/ME network that "runs" itself.  They have no in-house admin.  All computers connect through RoadRunner on the boss's machine using Lanbridge to make his kind of an ICS.

Saw Iopus Starr advertised and it looks good, but $100.  Something less complete and less money would be fine.




0
Comment
Question by:Volibrawl
  • 4
  • 4
  • 2
  • +3
13 Comments
 
LVL 79

Accepted Solution

by:
lrmoore earned 50 total points
ID: 7173382
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7173883
are you looking for orwell or bigbrother spyware? or just for some kind of simple network monitor/accounting
0
 
LVL 9

Author Comment

by:Volibrawl
ID: 7175988
All animals are equal, but I want one more equal animal to have this tool.

As I indicated, if we could even just figure out how to READ the Windows\History file of the "subject" computers over the LAN, that would suffice.

Ideal program would:

1. Be free
2. Create a LOG file for each computer on the LAN indicating what sites were visited at what time.
3. The log should be accessible for easy viewing from the "master" computer.
4. The users should not be able to circumvent the logging or erase the logs
5. The master should be able to delete and cleanup the logs
6. The logs should be password or otherwise protected from unauthorized viewing.

Nobody in their organization is very "computer savvy" so "hack proofing" is not a high priority.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 7176269
Personal opinion, there are products available like the ones in the links above, but not free. $40 should be petty cash for any business. Come on!
I'm sure a good perl/VBS/C++ programmer could do what you ask, but it won't be that user friendly for your non-computer-savvy manager.
Fee Ethereal or Windump can do the job using some creative filters and/or command-line switches, offloading results to a text file, but it ain't for the novice.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 7176270
Fee = Free, sorry....
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7176670
if you're just interrested in the URLs, then a simple firewall rule could do what you want.

1. depends on your firewall (free for Linux :)
2. done by the firewall
3. an additional simple script would do it
4. it's on the firewall, not on user's machine
5. dito.
6. dito.
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 24

Expert Comment

by:SunBow
ID: 7181270
Personal opinion,,
Don't do it.
I'll go along with a free or cheap personal firewall like ZoneAlarm for protection. Especially with cable like RoadRunner.

Without a good local admin, circumventing any process is all too easy. Someone's 'friend' could even play role.

> Basically wanting to insure that employees are not wasting inordinate amounts of time on the net.

This is really too hard to assess using a tool and little knowledge, especially if there is an open policy. Use tool on one person and they'll likely argue another employee did more goofing off. Too much the can of worms.

Better I think is do workload management. If an employee is not getting job done, that is about cause enough for discipline. If reason is surfing porn sites or 'too much', and not knowledgeable, odds are there'll be junk left on HD to demonstrate that as support for discipline. Contrarily, if all the work is done, promptly, perfectly, then who's to care if it only took an hour and the rest of the week was spent on surfing the net?

IMO workload management should be about tasks and expectation of job performance, not about trying to detail and add up every little activity of each employee, be it surfing web, gossiping (loss of time of others in office), bathroom breaks, phone calls to relatives (and alternative entertainments?), naps, etc. That can lead to targeting, discrimination, and other complaints about a 'fairness' in the eyes of those being watched.
0
 
LVL 24

Expert Comment

by:SunBow
ID: 7181275
* besides  ;-)  they might just be spending the time here at EE and learning and implementing new ways to improve the business and its efficient usage of technology. That's the kind of thing that does not show up well on any tool.

Is it business related or not? Can be hard to answer that, or to get same answer from each employee, perhaps.
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7181756
> * besides  ;-)  they might just be spending the time here at EE and ..

.. and finding a reference to htthost ..
LOL

I agree that the social control might be much more exfficient than the elctronic one.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 7182618
I agree with the human aspect of this. Do they have a written acceptable use policy? Has everyone seen it? Have they signed an acknowledgement that if they violate the policy they face termination? I'll bet it will cost as much in Secretary's time, paper, toner, and other miscellaneous costs than any $100 commercial application to monitor said acceptible use compliance. There absolutely must be a written, acknowledged policy before this "boss" can do anything about it anyway.

Here's antother thought on the technical aspect. A tiny LinkSys router used as a gateway can maintain a log of all inbound and outbound access by source computer and destination URL.
1. Not free, but < $80
2. Log files saved of to another computer that nobody knows about
3. Log is viewed by web browser from any PC (password protected)
4. User can't circumvent it by deleting files or history on their own computer because the logs are elsewhere.
5. Done. Only the "master" knows where the logs are.
6. Done. Router access to log viewer is password protected.
0
 
LVL 3

Expert Comment

by:gandalf94305
ID: 7183323
Hmm... why has this not been mentioned?

I would recommend setting up a mandatory proxy. Everybody would get an account on the proxy and needs to authenticate themselves before accessing the Internet. You can use a commercial tool like WebTrends or a free tool like Webalizer to summarize logs and screen them for unusual activity.

As for the legal side of this: make sure every and each employee signs a document where you define the policy. Unless Internet usage is a required part of their work, you can restrict such usage fairly easily. If it is an essential part of their work, this requires changing the work contract, which is only possible in mutual agreement. Depending on the country, you may however still face problems with sanctions if somebody uses the Internet for private purposes (e.g., to book a vacation or buy a book online).

My opinion: don't do this unless you are really facing immense Internet cost. Before breaking it down to individual employees, establish an anonymous monitoring and if there are indeed some findings, discuss this openly with your employees!

Cheers,
--gandalf.
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 7185257
If the users aren't computer savvy, just tell them that all internet access is logged and subject to constant review by the boss....
That should keep them quiet for a while, plus it's free !


0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 7186263
tim_holman, perfect idea.
ANd as I said before: there is a minority which always bothers the boss, and makes headaches for the admins, when they use htthost or similar to tunnel the firewall (and even any proxy, except adaptive proxys ;-)
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Healthcare organizations in the United States must adhere to the guidance of both the HIPAA (Health Insurance Portability and Accountability Act) and HITECH (Health Information Technology for Economic and Clinical Health Act) for securing and protec…
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now