Omega Owners Forum

Please login or register.

Login with username, password and session length
Advanced search  

News:

Please play nicely.  No one wants to listen/read a keyboard warriors rants....

Pages: [1] 2  All   Go Down

Author Topic: Internet use logs  (Read 3216 times)

0 Members and 1 Guest are viewing this topic.

JonArgraig

  • Omega Knight
  • *****
  • Offline Offline
  • Gender: Male
  • Isle of Angelsey
  • Posts: 1098
  • The Camera Ninja
    • View Profile
Internet use logs
« on: 14 April 2008, 18:43:10 »

Afternoon chaps,

Ive been tasked with finding out some one elses net use, there have wiped there cookies, history and faviots ect ect, and the windows event logs for explorer are blank.

Any idea's peoples ?
Logged

TheBoy

  • Administrator
  • *****
  • Offline Offline
  • Gender: Male
  • Brackley, Northants
  • Posts: 107026
  • I Like Lockdown
    • Whatever Starts
    • View Profile
Re: Internet use logs
« Reply #1 on: 14 April 2008, 18:44:53 »

Quote
Afternoon chaps,

Ive been tasked with finding out some one elses net use, there have wiped there cookies, history and faviots ect ect, and the windows event logs for explorer are blank.

Any idea's peoples ?
in business environment, f/w logs ;)

in home environment, isps retain a lot, but will only release to authorities....
Logged
Grumpy old man

Debs.

  • Guest
Re: Internet use logs
« Reply #2 on: 14 April 2008, 19:02:00 »

Quote
Afternoon chaps,

Ive been tasked with finding out some one elses net use, there have wiped there cookies, history and faviots ect ect, and the windows event logs for explorer are blank.

Any idea's peoples ?

One of the commercial forensic HDD analysis/recovery products would allow you to review all not-yet overwritten data (which may or may not include logs/files/TMP data etc), a tedious job it will be though.....but, if you intend to go down that path; STOP using the machine in question immediately and wait until you have the forensic-software to hand, as any use will risk overwriting the stuff you`ll be interested in.
Logged

JonArgraig

  • Omega Knight
  • *****
  • Offline Offline
  • Gender: Male
  • Isle of Angelsey
  • Posts: 1098
  • The Camera Ninja
    • View Profile
Re: Internet use logs
« Reply #3 on: 14 April 2008, 19:06:34 »

They have been locked in my office for the last 2 weeks since the staff where removed, any one got any recomedations for a good package to use ?
Logged

JonArgraig

  • Omega Knight
  • *****
  • Offline Offline
  • Gender: Male
  • Isle of Angelsey
  • Posts: 1098
  • The Camera Ninja
    • View Profile
Re: Internet use logs
« Reply #4 on: 14 April 2008, 19:09:19 »

Quote
Quote
Afternoon chaps,

Ive been tasked with finding out some one elses net use, there have wiped there cookies, history and faviots ect ect, and the windows event logs for explorer are blank.

Any idea's peoples ?
in business environment, f/w logs ;)

mmm Fire wall logs, thats going to be fun, but cracking idea :) thanks

in home environment, isps retain a lot, but will only release to authorities....
Logged

Debs.

  • Guest
Re: Internet use logs
« Reply #5 on: 14 April 2008, 19:21:10 »

Quote
They have been locked in my office for the last 2 weeks since the staff where removed, any one got any recomedations for a good package to use ?

Having had experience of working in a 'sensitive-environment'. I have always been really careful about data management and cleansing.

I have used these kind of products to ensure real-world destruction/deletion has taken place, and it has served me well, it is of course equally useful for forensic data recovery.  ;)

http://www.x-ways.net/
Logged

JonArgraig

  • Omega Knight
  • *****
  • Offline Offline
  • Gender: Male
  • Isle of Angelsey
  • Posts: 1098
  • The Camera Ninja
    • View Profile
Re: Internet use logs
« Reply #6 on: 14 April 2008, 19:26:05 »

Having a go at the FW logs now, looks promissing thanks chaps
Logged

Kevin Wood

  • Global Moderator
  • *****
  • Offline Offline
  • Gender: Male
  • Alton, Hampshire
  • Posts: 36417
    • Jaguar XE 25t, Westfield
    • View Profile
Re: Internet use logs
« Reply #7 on: 14 April 2008, 19:31:20 »

Depending on importance / budget, there are companies who will take an image of the machine and do all sorts of forensics on it. They will know exactly where to go to save you poking around on the drive for ages too.

Kevin
Logged
Tech2 services currently available. See TheBoy's price list: http://theboy.omegaowners.com/

TheBoy

  • Administrator
  • *****
  • Offline Offline
  • Gender: Male
  • Brackley, Northants
  • Posts: 107026
  • I Like Lockdown
    • Whatever Starts
    • View Profile
Re: Internet use logs
« Reply #8 on: 14 April 2008, 19:36:56 »

Quote
Depending on importance / budget, there are companies who will take an image of the machine and do all sorts of forensics on it. They will know exactly where to go to save you poking around on the drive for ages too.

Kevin
Last time we had that done (was for data recovery rather than forensic) it cost about £250k
Logged
Grumpy old man

Kevin Wood

  • Global Moderator
  • *****
  • Offline Offline
  • Gender: Male
  • Alton, Hampshire
  • Posts: 36417
    • Jaguar XE 25t, Westfield
    • View Profile
Re: Internet use logs
« Reply #9 on: 14 April 2008, 19:40:46 »

Quote
Quote
Depending on importance / budget, there are companies who will take an image of the machine and do all sorts of forensics on it. They will know exactly where to go to save you poking around on the drive for ages too.

Kevin
Last time we had that done (was for data recovery rather than forensic) it cost about £250k

I'm guessing that was for a bit more than a desktop PC though?

I've had a failed RAID5 array done for about 1K. I'm guessing if you just want specific information they would be reasonable. The guy I used does that kind of stuff for law enforcement so I guess he could probably go straight to the information you need.

Don't know. Might be worth a phone call depoending on how important it is that you find everything and that you don't lose the evidence.

Kevin
Logged
Tech2 services currently available. See TheBoy's price list: http://theboy.omegaowners.com/

TheBoy

  • Administrator
  • *****
  • Offline Offline
  • Gender: Male
  • Brackley, Northants
  • Posts: 107026
  • I Like Lockdown
    • Whatever Starts
    • View Profile
Re: Internet use logs
« Reply #10 on: 14 April 2008, 19:42:44 »

Quote
Quote
Quote
Depending on importance / budget, there are companies who will take an image of the machine and do all sorts of forensics on it. They will know exactly where to go to save you poking around on the drive for ages too.

Kevin
Last time we had that done (was for data recovery rather than forensic) it cost about £250k

I'm guessing that was for a bit more than a desktop PC though?

I've had a failed RAID5 array done for about 1K. I'm guessing if you just want specific information they would be reasonable. The guy I used does that kind of stuff for law enforcement so I guess he could probably go straight to the information you need.

Don't know. Might be worth a phone call depoending on how important it is that you find everything and that you don't lose the evidence.

Kevin
Yes, it was more than a PC.  Can't say what it was, as it was a very visible thing, and I think the incident is under NDA still.
Logged
Grumpy old man

JonArgraig

  • Omega Knight
  • *****
  • Offline Offline
  • Gender: Male
  • Isle of Angelsey
  • Posts: 1098
  • The Camera Ninja
    • View Profile
Re: Internet use logs
« Reply #11 on: 14 April 2008, 20:01:17 »

Mine is a simple humble desktop PC, but we suspect them of on line gambling, well we "know" but need proof going to wait every one has gone home then have a play.

I much prefere Roulette logs :(
Logged

Weds

  • Senior Member
  • ****
  • Offline Offline
  • Gender: Male
  • Chatham, Kent
  • Posts: 653
  • My other hobby
    • Mercedes E class 350 CDi
    • View Profile
Re: Internet use logs
« Reply #12 on: 14 April 2008, 20:38:17 »

Quote
but we suspect them of on line gambling,
 :(

Someone took my debit card  on-line gambling to the tune of £4500 recently and it wasn't me...

Taxi_Driver

  • Guest
Re: Internet use logs
« Reply #13 on: 14 April 2008, 20:44:12 »

Quote
Mine is a simple humble desktop PC, but we suspect them of on line gambling, well we "know" but need proof going to wait every one has gone home then have a play.

I much prefere Roulette logs :(

The f/w carnt be setup very well if it allows intranet users to access such sites   :-?
Logged

TheBoy

  • Administrator
  • *****
  • Offline Offline
  • Gender: Male
  • Brackley, Northants
  • Posts: 107026
  • I Like Lockdown
    • Whatever Starts
    • View Profile
Re: Internet use logs
« Reply #14 on: 14 April 2008, 20:52:22 »

Quote
Quote
Mine is a simple humble desktop PC, but we suspect them of on line gambling, well we "know" but need proof going to wait every one has gone home then have a play.

I much prefere Roulette logs :(

The f/w carnt be setup very well if it allows intranet users to access such sites   :-?
Our place has opened them all up (f/ws are better so can content screen better).  Then its a good way to dismiss people ;)
Logged
Grumpy old man
Pages: [1] 2  All   Go Up
 

Page created in 0.011 seconds with 16 queries.