LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 12-12-2005, 03:10 AM   #1
therealkilkenny
LQ Newbie
 
Registered: Oct 2005
Posts: 22

Rep: Reputation: 15
Newbie - monitoring websites visited?


Is there any way to do this? I can do it in winXP using some software but i now have a dual boot on my pc with Suse and i want to monitor what websites are visited so that kids don't look at things they shouldn't.

Suse 10.0, KDE.

Any suggestions gladly appreciated.
 
Old 12-12-2005, 04:13 AM   #2
arunvk
Member
 
Registered: Nov 2005
Location: India
Distribution: Fedora 29
Posts: 197

Rep: Reputation: 30
all the websites that r visited get stored into the history folder, just like internet explorer. so all u have to do is see history. all the browsers come with this option.

i hope thats wat you are looking for.
 
Old 12-12-2005, 04:46 AM   #3
therealkilkenny
LQ Newbie
 
Registered: Oct 2005
Posts: 22

Original Poster
Rep: Reputation: 15
Well yea but it is very easy to delete the history and thus erase where you have been.......

Any software that runs in the background that is password protected, for example?
 
Old 12-12-2005, 05:06 AM   #4
arunvk
Member
 
Registered: Nov 2005
Location: India
Distribution: Fedora 29
Posts: 197

Rep: Reputation: 30
u cud use a keylogger, this way all the activities will get recorded. this way u can know everything the user did with the computer. so u can monitor the user's activities:- which sites he is visited or even wat he typed in his emails.

u give zero privacy to the user.

there are many available, few links are:-
http://rpmfind.net/linux/RPM/SUSE_LINUX_10.0.html
http://linux.softpedia.com/get/Syste...pld-7804.shtml

if this was helpful. do reply.
 
Old 12-12-2005, 05:31 AM   #5
therealkilkenny
LQ Newbie
 
Registered: Oct 2005
Posts: 22

Original Poster
Rep: Reputation: 15
That is the kind of thing i am talking about but i think it would be a bit of over kill. I only want to monitor the websites that they visit (i assume they could visit websites without the key loggers knowledge but using a mouse?)

A key logger would also be a pain to check through (i'm assuming that i would have to wade through lots of useless 'junk' to find any websites typed in or searches performed). Is there a kind of internet logger that logs all internet activitiy?
 
Old 12-12-2005, 09:08 AM   #6
arunvk
Member
 
Registered: Nov 2005
Location: India
Distribution: Fedora 29
Posts: 197

Rep: Reputation: 30
the following link will help u i guess

http://www.newsforge.com/article.pl?.../06/23/1521209

3 softwares r mentioned in that link which may be of some help to u.
 
Old 12-12-2005, 10:04 AM   #7
therealkilkenny
LQ Newbie
 
Registered: Oct 2005
Posts: 22

Original Poster
Rep: Reputation: 15
Thanks for that. It's not what i'm looking for however. I don't want to filter content, just monitor it.
 
Old 12-13-2005, 04:27 AM   #8
SkyEye
Member
 
Registered: Sep 2005
Location: Sri Lanka
Distribution: Fedora (workstations), CentOS (servers), Arch, Mint, Ubuntu, and a few more.
Posts: 441

Rep: Reputation: 40
You can use Squid. Even if you don't want content filtering you still can use squid only for monitoring. What you have to do is to use squid and a log file analyzer to monitor or/and analyze squid logs. Good log analyzers usually provide graphs and/or reports representing sites by user, users by sites, site categories, sites by hits, sites by downloads, etc. (Squid log format enforces this) This might look like an overkill. But it's a good option unless you come across a simpler solution.

I guess why you just want to monitor, and not filter. I hope this has to do with being proactive only. Because a system administrators role has an ethical aspect. You have to respect the users privacy and freedom. Then again in the eyes of a parent or a manager one can see why it is needed.
 
Old 12-13-2005, 07:32 AM   #9
BurtonRA
LQ Newbie
 
Registered: Dec 2005
Location: Charlotte, NC
Distribution: SUSE
Posts: 1

Rep: Reputation: 0
Another option would be to set up BIND (DNS server) on the Linux system. Internal to BIND, you can turn on logging for all DNS querries. In a typical environment, most of the DNS querries are for web pages, so most of what you would see would be the web sites visited. However, if they were accessing news servers, chat rooms, etc., you will see that too.

In my case, I have 4 PCs at home in a network. 3/4 run WinXP, and the 4th runs SUSE v9. The SUSE system runs BIND, and is set up as the primary DNS server for the other 3 PCs, and has full logging turned on. 2/4 of the WinXP machines belong to my teenagers. Since the SUSE system is the primary DNS, and has logging enabled, I can see everything they do, without them knowing that I'm watching. I use Norton Internet Security on all of the WinXP systems, and have parental controls enabled, so the kids aren't able to get to much in the way of "bad" stuff, but I can still see what they are doing any time I need to.

Hope this helps. If you are interested in setting up BIND, a quick Google on "Linux DNS BIND" will get you all sorts of info on how to install & configure BIND. With SUSE, YAST will get you 99% of the way there, but at least in my case, I had to edit one of the conf files to turn logging on.

Randy Burton
Charlote, NC
 
Old 05-24-2006, 08:22 PM   #10
simber
LQ Newbie
 
Registered: Nov 2005
Location: Ankara
Distribution: SuSE 9.2
Posts: 24

Rep: Reputation: 15
Any possible solution without setting up a proxy? I mean, I need to find the websites list at the router level. The thing is, there are three computers using the same DSL router at home, but none is a gateway or whatsoever. 2 of them are laptops and the last one (PC) is not always open, and therefore none can be set up as a gateway or proxy? If only I could monitor which websites the router reaches/diverts at least while I have my laptop on and feed the data from the router, that would still do good enough for me? I don't know if it could be done via scripts either? Does anyone have any idea?
 
Old 05-26-2006, 05:46 PM   #11
osor
HCL Maintainer
 
Registered: Jan 2006
Distribution: (H)LFS, Gentoo
Posts: 2,450

Rep: Reputation: 77
Quote:
Originally Posted by therealkilkenny
That is the kind of thing i am talking about but i think it would be a bit of over kill. I only want to monitor the websites that they visit (i assume they could visit websites without the key loggers knowledge but using a mouse?)

A key logger would also be a pain to check through (i'm assuming that i would have to wade through lots of useless 'junk' to find any websites typed in or searches performed). Is there a kind of internet logger that logs all internet activitiy?
Maybe I'm missing something here, but what's wrong with good old-fashioned netfilter? It's very flexible and built into most kernels. Have you tried adding this to your firewall rules:

Code:
/sbin/iptables -A INPUT --protocol tcp --source-port 80 --jump LOG --log-prefix "Website visited"
Of course you would need to parse the log somehow. Maybe write a simple cron script (that's executed daily) that extracts all the "Website visited" log entries and looks the up the source ip address. You could customize the output of the newer logs (the ones you're actually going to read) to something like:

Code:
Date/time. Name of website
Tell me if I'm way off base here.
 
Old 05-26-2006, 06:05 PM   #12
osor
HCL Maintainer
 
Registered: Jan 2006
Distribution: (H)LFS, Gentoo
Posts: 2,450

Rep: Reputation: 77
Quote:
Originally Posted by osor
Maybe I'm missing something here, but what's wrong with good old-fashioned netfilter? It's very flexible and built into most kernels. Have you tried adding this to your firewall rules:

Code:
/sbin/iptables -A INPUT --protocol tcp --source-port 80 --jump LOG --log-prefix "Website visited"
Actually, a much better idea would be to log the new connections to the server. This would save you from thousands of log entries and also log those attempted connections made by the host. Just do

Code:
/sbin/iptables -A OUTPUT --protocol tcp --destination-port 80 --match state --state NEW --jump LOG --log-prefix "Website visited"
There's also a relatively new program by the netfilter team called ulogd (Userspace LOGging Daemon), which allows great flexibility in netfilter logging. I don't know much about it, but maybe that would save some complexity.
 
Old 06-01-2006, 03:21 AM   #13
nx5000
Senior Member
 
Registered: Sep 2005
Location: Out
Posts: 3,307

Rep: Reputation: 57
You want to feel like super big brother?
Appart from using a squid proxy and doing post analysis, you can try these:
*driftnet
http://ex-parrot.com/~chris/driftnet/
*darkstat
http://main.linuxfocus.org/English/S...ticle346.shtml
*wwwoffle
http://www.gedanken.demon.co.uk/wwwoffle/

Last edited by nx5000; 06-01-2006 at 03:36 AM.
 
Old 06-02-2006, 04:17 AM   #14
fhleung
Member
 
Registered: Aug 2004
Distribution: Lubuntu Live OS
Posts: 432

Rep: Reputation: 30
Are there any ways to bypass apache web server log? In other word, there was no record in the log file even the site is accessed.
 
Old 06-07-2006, 07:29 AM   #15
fhleung
Member
 
Registered: Aug 2004
Distribution: Lubuntu Live OS
Posts: 432

Rep: Reputation: 30
Are there any ways to bypass apache web server log? In other word, there was no record in the log file even the site is accessed.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Newbie - is there any software for monitoring internet usage? therealkilkenny Linux - Software 1 12-12-2005 05:21 AM
the 1024 cylinder limit visited... ngjunkie0011 SUSE / openSUSE 5 07-04-2005 10:46 AM
Galeon won't keep changes to visited link color oot Slackware 1 12-26-2003 05:44 PM
Any totally newbie websites? ale1981 Linux - Newbie 11 10-28-2003 12:04 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 04:32 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration