Is it possible for a server admin to know what a user is browing on the network?

[Widjaja]

I know there is a way to monitor which PC is doing the downloading and how much bandwidth it is using from the server, but is there a way to find out what the culprit machine is browsing/downloading without physically going to the culprit machine on the network?

 

[Champ]

Yep, I seen it when I sure my intership at the hospital. It was like remote desktop, but he was able to monitor any computer in the network and even take full control of it and I think block you out. Then there are server files that always keep track of where you are

 

[digibucc]

aside from vnc as champ has mentioned, there are also monitoring tools that can show an administrator all of the requests going in and out of a router/network.

it is something easily done by an administrator worth their salt.

 

[brandonwh64]

Windows shared services should be able to track files on the domain that are transferred from server to machine. Also you can track UDP and TCP connections from each host name as well.

 

[Widjaja]

I'll have to look into this do I can see how detailed the information is.
For example if someone is torrenting, I would like to know if I can tell the name of the exact file(s) they are downloading.

Piracy in New Zealand is pretty heavy now and can have serious implications for the person downloading after a while.

The catch with the network I am working on is, people can come in with their laptops and use the connection which means I can not gain remote access to these computers.

 

[Batou1986]

wireshark is your friend

 

[DeAtHWiSh]

Tor browser or not

 

[Widjaja]

Correct me if I'm wrong.

So it seems windows server alone can not see exactly what a person is downloading if the connected computer is not set up specifically unless third party software is installed on the server?

EDIT:-
Isn't Tor designed to block the network from knowing where you've been?

 

[twilyth]

You need something that encrypts from end to end - like https vs http.

The only way to do this without installing software is to use something like a VPN. This will encrypt everything between your machine and the VPN server. However it's hard to find fast, reliable free vpns. Generally you will have to use a commercial service. The good news is that they aren't that expensive if you shop around.

 

[Easy Rhino]

is it possible for a server admin to know what a user is browsing on the network? yes of course. the question though should be legal in nature and not technical. if you work for a private company and you are worried that perhaps you have been browsing illegal or inappropriate material while on their network you should look into their privacy policy. most private companies consider the network "theirs" and do not give the impression to their employees that they are provided a level of privacy. public institutions though like state schools and possibly public hospitals will almost never look into what an employee has been doing since it is public and considered protected.

so if you looked at some pron and think you will be fired check out your companies privacy policy and find yourself a good lawyer. even if you did something bad you may actually be able to win out in a lawsuit if your employer illegally spied on you.

 

[twilyth]

As a general rule, unless you are in a union or get paid by the hour, you're what is referred to as an "at-will" employee. That means that they can fire you for any reason or no reason at all.

There are some limitations on this right though and this may be one of them. I don't know.

 

[Easy Rhino]

As a general rule, unless you are in a union or get paid by the hour, you're what is referred to as an "at-will" employee.

that varies from state to state.

 

[Widjaja]

You need something that encrypts from end to end - like https vs http.

The only way to do this without installing software is to use something like a VPN. This will encrypt everything between your machine and the VPN server. However it's hard to find fast, reliable free vpns. Generally you will have to use a commercial service. The good news is that they aren't that expensive if you shop around.

I guess this is why I was running around in circles when trying to figure out what computer was downloading what via windows server trying to find out what computer was downloading what without being blatantly obvious.

Windows server alone is not capable of what I am trying to do.

It appears the perpetrator is as safe from me knowing what they have been downloading through the server if their security settings are at default.

Only knowing the bandwidth downloaded during that time.

Hopefully I can get the senior network admin to install some third party software.
Unfortunately the senior admin thinks anything anyone installs on the network which is not his idea will mess it up beyond repair.

 

[Sir B. Fannybottom]

is it possible for a server admin to know what a user is browsing on the network? yes of course. the question though should be legal in nature and not technical. if you work for a private company and you are worried that perhaps you have been browsing illegal or inappropriate material while on their network you should look into their privacy policy. most private companies consider the network "theirs" and do not give the impression to their employees that they are provided a level of privacy. public institutions though like state schools and possibly public hospitals will almost never look into what an employee has been doing since it is public and considered protected.

so if you looked at some pron and think you will be fired check out your companies privacy policy and find yourself a good lawyer. even if you did something bad you may actually be able to win out in a lawsuit if your employer illegally spied on you.

I know they log searches, and can watch your screen/lock your pc at my school, a few kids have been busted for going on facebook and such, you are never safe, they are watching.

 

[Easy Rhino]

I know they log searches, and can watch your screen/lock your pc at my school, a few kids have been busted for going on facebook and such, you are never safe, they are watching.

with windows active directory, everything can be logged very easily. linux admins have to do more work which is why most places just setup a domain controller and have all of the PCs on the network log in to the domain with a users log/pass. from there the admins can completely control the PC. this is why the question should be legal in nature. every corporation, institution has their own policy regarding employee or student privacy.

 

[Disparia]

We know and see all! Pay tribute or be turned over to HR!

- Lunch
- Liquor

 

[Rhyseh]

Solarwinds make a whole plethora of applications that you can use to track this information, although it doesn't come cheap. A much easier option would be to simply block all the ports on the firewall and force everyone to browse through a proxy server. That way everything they do is logged and everything that attempts to go directly to the web gets blocked.

If a proxy server isn't practical then block all unneccessary ports. You should do this anyway, not blocking unused ports is akin to locking the front door but leaving the backdoor and windows wide open.

Alternately having a look at the UPnP port list on the router should quickly show the source IP of the torrenting demon. The port should be a rather high number, normally it will also use the same port on both TCP and UDP traffic, which makes it easier to spot.

Windows server will only have a record of what is accessed from THAT server (provided auditing is setup to do so). Your network admin should be able to identify and resolve this extremely quickly if he is half competent.

 

[Widjaja]

I guess the assumption with the senior network admin, is these kids only know facebook and youtube so adding a third party app which is going to cost would be a waste of money as where I live, we don't get many computer savvy people around.

Especially where I'm designated to give a hand but in a way which costs $0.