/build/static/layout/Breadcrumb_cap_w.png

Scripting Question


Internet History - from remote machine

Hi All,

Have been ask to have a look at an end users internet history and came across the BrowsingHistoryView application by NIRSOFT it is a standalone application that seems to work well for local machines but seems a bit hit or miss when trying to run it remotely.

It can be ran using CMD with parameters to export to csv file.

Just wondering if anyone knows a way I could run upload the exe onto kace have it run on a machine via cmd and generate a report that could grap using \\laptopname\c$\report location.

Thanks everyone!

0 Comments   [ + ] Show comments

Comments


All Answers

1

aside from many legal issues the way would be a script with the scripting engine.

Answered 02/22/2020 by: Nico_K
Red Belt

  • Thanks Nick,

    Our IT policy was written to say that Internet History could be checked when and if required, so it would only be there as an on demand thing IT is told by HR to investigate an employees History.

    any idea what the script should be like?
    • definitely a callhidden so the user cant tell whats goin on. also the script itself should after finish copy the report to some shared folder in which it has write rights. obvsly the scripts needs to have admin rights to do it.
      also a good thing would be asking the vendor if its even possible to do remotely. also would probably depend what browsers ur users generaly use. theres probably some more things to consider which i cant think of right now due to early sunday morning.
      But.
      on the other hand there are many diffrent ways which do not voilate or could be seen as intrusion into ones privacy. i mean by general if you dont want your users to browse anythin besides some given sites then go for a GPO and disable everything else they are not allowed to browse during work hours or connect them through a vpn and do the same. becoz lets be srs if the IT department cant block the sites they dont want users to browse then why penalize users when they browse them? obvsly if an user is bypassing the locks etc then it there is a reason. but imo dont try to set up a trap on a user for him to fall into and then blame him for it, just go a prevent it and dont make drama.
      also it would be good to notify the users about this kind of change to not raise a water gate situation. imo this is a questionable practice but well...
      but back to the topic if you need help with the script i could be of assistance, give me a msg.
      cheers.
    • since this query is strictly forbidden in Europe (where I live) I will not help you. You can research how to collect the info (a mostly legal way would be reading out the DNS queries which contains the web servers which were queried but not the web pages)
1

This is possible however as suggested by Nico please be aware of legality.


you can find powershell for achieving same. 


In kace you should be able to run program or powershell by script. 



github.com -> Get-BrowserData.ps1


Answered 02/23/2020 by: rock_star
3rd Degree Black Belt

0

If you have a firewall router that has a logging functionality, most do, you can use a number of tools that capture the logging information and then create a report to list the internet activity of the specific user. ManageEngine has a Firewall Analyzer application that pulls the Firewall logs and will enable you to report.



Answered 02/26/2020 by: Mark_KMC
White Belt

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ