1. Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Is it possible for a server admin to know what a user is browing on the network?

Discussion in 'Networking & Security' started by Widjaja, Nov 21, 2011.

  1. Widjaja

    Widjaja

    Joined:
    Jun 12, 2007
    Messages:
    4,819 (1.79/day)
    Thanks Received:
    636
    Location:
    Wangas, New Zealand
    I know there is a way to monitor which PC is doing the downloading and how much bandwidth it is using from the server, but is there a way to find out what the culprit machine is browsing/downloading without physically going to the culprit machine on the network?
     
  2. Champ

    Champ

    Joined:
    Jun 28, 2008
    Messages:
    894 (0.39/day)
    Thanks Received:
    78
    Location:
    Greenville, NC
    Yep, I seen it when I sure my intership at the hospital. It was like remote desktop, but he was able to monitor any computer in the network and even take full control of it and I think block you out. Then there are server files that always keep track of where you are
     
    Widjaja says thanks.
  3. digibucc

    digibucc

    Joined:
    May 21, 2009
    Messages:
    4,923 (2.49/day)
    Thanks Received:
    1,493
    aside from vnc as champ has mentioned, there are also monitoring tools that can show an administrator all of the requests going in and out of a router/network.

    it is something easily done by an administrator worth their salt.
     
    Widjaja says thanks.
  4. brandonwh64

    brandonwh64 Addicted to Bacon and StarCrunches!!!

    Joined:
    Sep 6, 2009
    Messages:
    18,677 (9.98/day)
    Thanks Received:
    6,153
    Location:
    Chatsworth, GA
    Windows shared services should be able to track files on the domain that are transferred from server to machine. Also you can track UDP and TCP connections from each host name as well.
     
    Widjaja says thanks.
    Crunching for Team TPU
  5. Widjaja

    Widjaja

    Joined:
    Jun 12, 2007
    Messages:
    4,819 (1.79/day)
    Thanks Received:
    636
    Location:
    Wangas, New Zealand
    I'll have to look into this do I can see how detailed the information is.
    For example if someone is torrenting, I would like to know if I can tell the name of the exact file(s) they are downloading.

    Piracy in New Zealand is pretty heavy now and can have serious implications for the person downloading after a while.

    The catch with the network I am working on is, people can come in with their laptops and use the connection which means I can not gain remote access to these computers.
     
  6. Batou1986

    Batou1986

    Joined:
    Oct 2, 2005
    Messages:
    2,474 (0.75/day)
    Thanks Received:
    356
    Location:
    Baltimore MD
    wireshark is your friend
     
    Widjaja says thanks.
  7. DeAtHWiSh

    DeAtHWiSh New Member

    Joined:
    Dec 24, 2007
    Messages:
    197 (0.08/day)
    Thanks Received:
    48
    Location:
    Miami, FL
    Tor browser :( or not
     
    Last edited: Nov 22, 2011
  8. Widjaja

    Widjaja

    Joined:
    Jun 12, 2007
    Messages:
    4,819 (1.79/day)
    Thanks Received:
    636
    Location:
    Wangas, New Zealand
    Correct me if I'm wrong.

    So it seems windows server alone can not see exactly what a person is downloading if the connected computer is not set up specifically unless third party software is installed on the server?

    EDIT:-
    Isn't Tor designed to block the network from knowing where you've been?
     
  9. twilyth Guest

    You need something that encrypts from end to end - like https vs http.

    The only way to do this without installing software is to use something like a VPN. This will encrypt everything between your machine and the VPN server. However it's hard to find fast, reliable free vpns. Generally you will have to use a commercial service. The good news is that they aren't that expensive if you shop around.
     
  10. Easy Rhino

    Easy Rhino Linux Advocate

    Joined:
    Nov 13, 2006
    Messages:
    13,458 (4.64/day)
    Thanks Received:
    3,264
    is it possible for a server admin to know what a user is browsing on the network? yes of course. the question though should be legal in nature and not technical. if you work for a private company and you are worried that perhaps you have been browsing illegal or inappropriate material while on their network you should look into their privacy policy. most private companies consider the network "theirs" and do not give the impression to their employees that they are provided a level of privacy. public institutions though like state schools and possibly public hospitals will almost never look into what an employee has been doing since it is public and considered protected.

    so if you looked at some pron and think you will be fired check out your companies privacy policy and find yourself a good lawyer. even if you did something bad you may actually be able to win out in a lawsuit if your employer illegally spied on you.
     
    Widjaja says thanks.
  11. twilyth Guest

    As a general rule, unless you are in a union or get paid by the hour, you're what is referred to as an "at-will" employee. That means that they can fire you for any reason or no reason at all.

    There are some limitations on this right though and this may be one of them. I don't know.
     
  12. Easy Rhino

    Easy Rhino Linux Advocate

    Joined:
    Nov 13, 2006
    Messages:
    13,458 (4.64/day)
    Thanks Received:
    3,264
    that varies from state to state.
     
  13. Widjaja

    Widjaja

    Joined:
    Jun 12, 2007
    Messages:
    4,819 (1.79/day)
    Thanks Received:
    636
    Location:
    Wangas, New Zealand
    I guess this is why I was running around in circles when trying to figure out what computer was downloading what via windows server trying to find out what computer was downloading what without being blatantly obvious.

    Windows server alone is not capable of what I am trying to do.

    It appears the perpetrator is as safe from me knowing what they have been downloading through the server if their security settings are at default.

    Only knowing the bandwidth downloaded during that time.

    Hopefully I can get the senior network admin to install some third party software.
    Unfortunately the senior admin thinks anything anyone installs on the network which is not his idea will mess it up beyond repair.
     
  14. Sir B. Fannybottom

    Sir B. Fannybottom

    Joined:
    Jun 4, 2011
    Messages:
    2,928 (2.37/day)
    Thanks Received:
    1,204
    I know they log searches, and can watch your screen/lock your pc at my school, a few kids have been busted for going on facebook and such, you are never safe, they are watching.
     
  15. Easy Rhino

    Easy Rhino Linux Advocate

    Joined:
    Nov 13, 2006
    Messages:
    13,458 (4.64/day)
    Thanks Received:
    3,264
    with windows active directory, everything can be logged very easily. linux admins have to do more work which is why most places just setup a domain controller and have all of the PCs on the network log in to the domain with a users log/pass. from there the admins can completely control the PC. this is why the question should be legal in nature. every corporation, institution has their own policy regarding employee or student privacy.
     
  16. Jizzler

    Jizzler

    Joined:
    Aug 10, 2007
    Messages:
    3,430 (1.30/day)
    Thanks Received:
    639
    Location:
    Geneva, FL, USA
    We know and see all! Pay tribute or be turned over to HR!

    - Lunch
    - Liquor
     
  17. Rhyseh

    Joined:
    Jul 3, 2008
    Messages:
    74 (0.03/day)
    Thanks Received:
    17
    Solarwinds make a whole plethora of applications that you can use to track this information, although it doesn't come cheap. A much easier option would be to simply block all the ports on the firewall and force everyone to browse through a proxy server. That way everything they do is logged and everything that attempts to go directly to the web gets blocked.

    If a proxy server isn't practical then block all unneccessary ports. You should do this anyway, not blocking unused ports is akin to locking the front door but leaving the backdoor and windows wide open.

    Alternately having a look at the UPnP port list on the router should quickly show the source IP of the torrenting demon. The port should be a rather high number, normally it will also use the same port on both TCP and UDP traffic, which makes it easier to spot.

    Windows server will only have a record of what is accessed from THAT server (provided auditing is setup to do so). Your network admin should be able to identify and resolve this extremely quickly if he is half competent.
     
    Widjaja says thanks.
  18. Widjaja

    Widjaja

    Joined:
    Jun 12, 2007
    Messages:
    4,819 (1.79/day)
    Thanks Received:
    636
    Location:
    Wangas, New Zealand
    I guess the assumption with the senior network admin, is these kids only know facebook and youtube so adding a third party app which is going to cost would be a waste of money as where I live, we don't get many computer savvy people around.

    Especially where I'm designated to give a hand but in a way which costs $0.
     

Currently Active Users Viewing This Thread: 1 (0 members and 1 guest)

Share This Page