Berkeley CSUA MOTD:Entry 24837
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2025/07/13 [General] UID:1000 Activity:popular
7/13    

2002/5/15 [Computer/SW/WWW/Browsers, Computer/SW/Unix, Computer/SW/OS/OsX] UID:24837 Activity:insanely high
5/15    My boss wants me to track what websites a user visits. The user is
        smart enough to delete their history every time they log out (tweakui?)
        Any recommendations for UNIX/NT software to do this?
        \_ You can use a network snooper but I question what will be
           accomplish by tracking what websites your own workers visit.
           \_ There could be the case of the person visiting inappropriate
              sites. However, in this case, the person (a secretary) tells
              everyone that she has way too much work to do, but all the other
              secretaries say that she just surfs the web all day.
        \_ When installing a network snooper, where do you put it? Doesn't
           it depend on whether the user is connected to a switch or a hub?
           \_ Yes a snooper won't work on a switched lan. A alternate soln.
              if you don't want use a caching proxy is to have your fw log
              all outbound http and ftp requests and then translate that to
              web sites. The problem with this is that you won't be able
              to catch request made to services like anonymizer.
        \_ Set up a caching proxy (eg. squid) and run it in transparent
           mode (your fw/router redirects port 80, 21, etc to the cache)
           and turn on max logging. You need to use transparent mode so
           that your users can't circumvent the cache and screw up your
           information gathering.
           Use perl to grok the cache's log files and generate a list of
           urls (or sites) per ip. Now use the dhcp server's log files to
           map IP to NIC and therefore to individual client systems and
           users (I'm assuming that most of your clients are mac/win boxes
           and have only one user). This should give you all the information
           you need and more.
           \_ Thanks! We have a cache (Symantec i-gear), but the user wasn't
              using it. I'll investigate how to get our router (no firewall)
              to forward requests.
              \_ One possible way is the set up the dhcp server to specify
                 the cache as the default router for the mac in question.
                 Then you setup the cache to re-route all traffic (except
                 for http traffic, which it handles) to the real rotuer.
                 \_ currently, we're still on static ip's/routes, but that's
                    something i'll look into
        \_ If she is not smart enough to also clear the disk cache, you can go
           to the cache directories and look at the content.  E.g. on NT,
           However, I think a better solution is to just keep track of her
           %USERPROFILE%\Temporary Internet Files\Content.IE5\ for IE and
           %SystemDrive%\Program Files\Netscape\Users\%USERNAME%\Cache\ for
           Netscape; for Unix, ~/.netscape/cache for Netscape.  You might not
           know which URLs she visited, but at least you can see the content
           of the pages.  Note that for IE some of the dirs and files are
           marked hidden or system, so you have to do "dir /a" to see them.
           However, I think the better solution is to just keep track of her
           activity at the proxy server.
        \_ Be careful of what you and your boss are doing.  Unless it's
           in your company policy, you shouldn't do this.  Your coworkers
           can sue the company for this tactic.
           can sue the company for this tactic.  If you're going to do this
           you better adopt a policy for this and have everyone in the company
           be aware of and agreeable to it.
           \_ Double check with your company's specific policy, but at
              most places the company owns the machine and all files on it
              if it is a work machine, and the company is allowed to
              access it whenever it wants.
              \_ if your company is going to do that, make sure it's in the
                 policy.  "Company owns everything" is too vague.  A good
                 lawyer will defeat that.  You can not do it in way it single
                 out an individual or in anyway showing bias.
              \- if the person you are trying to track is stupid, you can
                 use dug song's software ... that will basically sniff the
                 net, extract the urls and feed them to a netscape you run
                 so you more or less can watch the secretary "over his/her
                 shoulder". however really you probably want timestamped
                 logs, in which case just get tcpdump the port 80 traffic.
                 getting the urls in addition to dst addr is a little more
                 work but pretty simple. BRO can do this. --psb
2025/07/13 [General] UID:1000 Activity:popular
7/13    

You may also be interested in these entries...
2013/8/22-10/28 [Computer/Companies/Yahoo, Industry/SiliconValley] UID:54732 Activity:nil
8/22    http://marketingland.com/yahoo-1-again-not-there-since-early-08-56585
        Y! is back to #1! Marissa, you are SEXY!!!
        \_ how the heck do you only have 225M uniq vis/month when there
           are over 1 billion internet devices out there?
           \_ You think that every single Internet user goes to Y!?
        \_ Tall blonde skinny pasty, not my type at all -former Y!
	...
2013/6/26-8/13 [Computer/Domains, Computer/Networking, Computer/SW/WWW/Browsers] UID:54697 Activity:nil
6/26    This ones for you psb -ausman
        http://25.media.tumblr.com/027fe67c84c2288cc16e9c85db690834/tumblr_mp0ag8DCQI1qzwozco1_1280.jpg
        \- that's pretty good. i wish someone had put the idea to be before i saw
           it on the internet, so see if i'd have put the 9 justices in the same
           boxes. JOHN PAUL STEVENS >> All the sitting justices. --psb
        \- that's pretty good. i wish someone had put the idea to be before i
	...
2012/4/2-6/4 [Computer/SW/Languages/Java, Computer/SW/RevisionControl] UID:54353 Activity:nil
4/02    We use Perforce at work for revision control. It seems to work okay.
        Lately, a lot of the newer developers are saying that Perforce
        sucks and we should switch to Mercurial or Git. I have done some
        searching on the Internet and some others have this opinion. Added
        advantage is that Mercurial and Git are free. However, there would
        be some work to switch for the sysadmins and the developers.
	...
2012/4/26-6/4 [Computer/Networking] UID:54371 Activity:nil
4/26    I see that soda has an ipv6 address but ipv6 traffic from this box
        doesn't actually work (ping6 <DEAD>ipv6.google.com<DEAD>, ping6 http://www.v6.facebook.com
        Is this expected to work?
        \_ Soda doesn't have a real IPv6 address.  The IPv6 addresses you see
           in ifconfig are just link-local addresses; any IPv6-capable machine
           will autogenerate these, whether or not it's connected to an IPv6
	...
2011/11/8-30 [Computer/SW/Security, Computer/SW/OS/Windows] UID:54218 Activity:nil
11/8    ObM$Sucks
        http://technet.microsoft.com/en-us/security/bulletin/ms11-083
        \_ How is this different from the hundreds of other M$ security
           vulnerabilities that people have been finding?
           \_ "The vulnerability could allow remote code execution if an
               attacker sends a continuous flow of specially crafted UDP
	...
2010/11/1-2011/1/13 [Computer/Networking] UID:54002 Activity:nil
11/1    I'm moving from a home in Fremont to another home within the same ZIP
        code in Fremont, and AT&T customer service says I cannot transfer my
        DSL service because DSL is not available at my new home.  Is that BS?
        Are they just trying to push me to subscribe to their more expensive
        U-verse service?  I'm not asking for any lightening-speed connection.
            \_ could be
	...
2013/10/24-2014/2/5 [Academia/Berkeley/CSUA/Motd, Computer/SW] UID:54746 Activity:nil
9/26    I remember there was web version of the motd with search function
        (originally due to kchang ?).  The last time I used it it was hosted
        on the csua website but I can't remember its url (onset of dementia?)
        now. Can somebody plz post it, tnx.
        \_ http://csua.com
           \_ for some reason I couldn't log in since Sept and the archiver
	...
2013/10/28-2014/2/5 [Computer/SW/Database] UID:54751 Activity:nil
10/28   Oracle software to blame for Obamacare website debacles:
        http://www.forbes.com/sites/theapothecary/2013/10/14/obamacares-website-is-crashing-because-it-doesnt-want-you-to-know-health-plans-true-costs
        \_ Larry Ellison is a secret Tea Party supporter.
           Most of this article is bunk, btw. Boy are the Republicans
           getting desperate.
            \_ Umm, no.  Larry Ellison is a not so secret fascist.
	...
2013/12/13-2014/2/5 [Computer/SW/Languages/Web] UID:54757 Activity:nil
12/17   http://axonflux.com/5-quotes-by-the-creator-of-php-rasmus-lerdorf
        Why I love PHP.
12/17
 _________________________________________
/ You will pay for your sins. If you have \
| already paid, please disregard this     |
	...