-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 You can set the proxy in Active Directory, so you could create a Policy for his user to force him through your squid proxy. If linux is the firewall you could redirect web traffic to the proxy as well. A simple iptables rule to match his MAC address.
For parsing logs what I use for a couple of clients is sarg (http://sarg.sourceforge.net). IANAL, bu you can of course fire someone without cause, you just have to give proper notice or adequate pay in lieu of notice. If they are serious about getting rid of this person, they may be better served by consulting their lawyer. TekBudda wrote: > Jon wrote: >> Assuming you can get at the desktop to proxy him (or set it up via GPO), >> then there's a SQUID Virtual Machine over in the VMWare appliance repo >> that we've used in the past. >> >> It's a half hour setup max. >> >> I would recommend issuing his workstation a static IP before commencing >> the collection of any forensic data server-side. It's too easy to cast a >> 'reasonable doubt' on who's workstation is who's in a DHCP environment. >> >> Jon > > I will installing something else so can install the software as well. I > will make sure I do it after hours just to make sure. I didn't think > about the static IP...good idea. > > Hmm I didn't think about squid either....and i do have VMWare viewer > already installed here. I think I will see what I have in my bag of > tricks at home before deciding on a solution, so would still welcome > more suggestions. > > In case anyone is wondering, I hae to be careful what I look for, as the > user sits right behind me and can see my monitor, so I have tto watch > what I search for. ;-) > > Cameron > > _______________________________________________ > clug-talk mailing list > [email protected] > http://clug.ca/mailman/listinfo/clug-talk_clug.ca > Mailing List Guidelines (http://clug.ca/ml_guidelines.php) > **Please remove these lines when replying -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGNoGFwRXgH3rKGfMRAoyrAJoDFETHfGbklmlsJED4NfP72zf5IQCgi6mV 7SLqK0U46KlWvENGBCWmJCo= =F7hn -----END PGP SIGNATURE----- _______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
