Internet History - from remote machine
Hi All,
Have been ask to have a look at an end users internet history and came across the BrowsingHistoryView application by NIRSOFT it is a standalone application that seems to work well for local machines but seems a bit hit or miss when trying to run it remotely.
It can be ran using CMD with parameters to export to csv file.
Just wondering if anyone knows a way I could run upload the exe onto kace have it run on a machine via cmd and generate a report that could grap using \\laptopname\c$\report location.
Thanks everyone!
Answers (3)
aside from many legal issues the way would be a script with the scripting engine.
Comments:
-
Thanks Nick,
Our IT policy was written to say that Internet History could be checked when and if required, so it would only be there as an on demand thing IT is told by HR to investigate an employees History.
any idea what the script should be like? - samuel.campbell@gilbert-ash.co.uk 4 years ago-
definitely a callhidden so the user cant tell whats goin on. also the script itself should after finish copy the report to some shared folder in which it has write rights. obvsly the scripts needs to have admin rights to do it.
also a good thing would be asking the vendor if its even possible to do remotely. also would probably depend what browsers ur users generaly use. theres probably some more things to consider which i cant think of right now due to early sunday morning.
But.
on the other hand there are many diffrent ways which do not voilate or could be seen as intrusion into ones privacy. i mean by general if you dont want your users to browse anythin besides some given sites then go for a GPO and disable everything else they are not allowed to browse during work hours or connect them through a vpn and do the same. becoz lets be srs if the IT department cant block the sites they dont want users to browse then why penalize users when they browse them? obvsly if an user is bypassing the locks etc then it there is a reason. but imo dont try to set up a trap on a user for him to fall into and then blame him for it, just go a prevent it and dont make drama.
also it would be good to notify the users about this kind of change to not raise a water gate situation. imo this is a questionable practice but well...
but back to the topic if you need help with the script i could be of assistance, give me a msg.
cheers. - haway_the_lads 4 years ago -
since this query is strictly forbidden in Europe (where I live) I will not help you. You can research how to collect the info (a mostly legal way would be reading out the DNS queries which contains the web servers which were queried but not the web pages) - Nico_K 4 years ago
This is possible however as suggested by Nico please be aware of legality.
you can find powershell for achieving same.
In kace you should be able to run program or powershell by script.
github.com -> Get-BrowserData.ps1
If you have a firewall router that has a logging functionality, most do, you can use a number of tools that capture the logging information and then create a report to list the internet activity of the specific user. ManageEngine has a Firewall Analyzer application that pulls the Firewall logs and will enable you to report.
