Re: Internet explorer history viewer

From: Stefan Osterlitz (osterlitz_at_mf-gt.de)
Date: 07/17/03

Next message: Douglas Schlenker: "plugging old IIS FTP holes"

Previous message: afzal_khan_at_acml.com: "Biometric fingerprint scanner"
Maybe in reply to: ICT User: "Internet explorer history viewer"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "focus-ms@securityfocus.com" <focus-ms@securityfocus.com>
Date: Thu, 17 Jul 2003 15:44:23 +0200

Hello,
here's my .02 to these two threads:

Internet explorer history viewer
investigating misuse of the internet

Investigating files on the client machine could be your last resort if you have used a transparent proxy beforehand.

- Setting up a transparent proxy at your router allows you to log any http-request from your network.
- You can force any HTTP-traffic through the proxy, so there is no way for the users to circumvent this measure besides using an http proxy outside your network.
- Also, you can scan vor viruses and malware at this point.
- Using authentication and authorization on the proxy give you a good forensic evidence, since any usage can be traced back to individual users, independent of their ip.
- Also, you get the added benefit of real-time analysis, good load measuring, whatever..

Opinions?

Greetings,
Stefan Osterlitz

-----------------------------------------------------------------------------
------------------------------------------------------------------------------

Next message: Douglas Schlenker: "plugging old IIS FTP holes"

Previous message: afzal_khan_at_acml.com: "Biometric fingerprint scanner"
Maybe in reply to: ICT User: "Internet explorer history viewer"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]