How to audit one specific user?

May I have suggestions on how to audit one specific user on my network that I
suspect is downloading inappropriate music, video and other materials?

I don't even know all that might be happening, thus the need to find out.
--
Thanks, Steve

Hi Steve,

It appears to be a cross-Newsgroup posting and I have already answered in
that thread. Please check my answer there.

In the future, I'd like to suggest you not to cross-post the same question
in multiple newsgroups. This will help our engineers work on your question
more efficiently. Your understanding and cooperation is appreciated.

For your convenience, I have included my reply as follows:
=========================
Hi Steve,

I think just block web site is not enough. I think you should block data
stream. Based on knowledge, ISA can do such job. If you wish, you can post
in ISA newsgroup for more information about this. Sorry, I'm not an ISA
specialist.

Have a good day!
===========================


Best regards,

Vincent Xu
Microsoft Online Partner Support

================================================== ====
Get Secure! - www.microsoft.com/security
================================================== ====
When responding to posts, please "Reply to Group" via your newsreader so
that others
may learn and benefit from this issue.
================================================== ====
This posting is provided "AS IS" with no warranties,and confers no rights.
================================================== ====



--------------------
>>Thread-Topic: How to audit one specific user?
>>thread-index: AcaQtFVMOf6EmcDPQXm76YpLYW/d9Q==
>>X-WBNR-Posting-Host: 70.171.42.251
>>From: =?Utf-8?B?U3RldmVQ?= <(E-Mail Removed)>
>>Subject: How to audit one specific user?
>>Date: Thu, 15 Jun 2006 12:46:02 -0700
>>Lines: 6
>>Message-ID: <CDE6A2A5-EC51-4D50-BD57-(E-Mail Removed)>
>>MIME-Version: 1.0
>>Content-Type: text/plain;
>> charset="Utf-8"
>>Content-Transfer-Encoding: 7bit
>>X-Newsreader: Microsoft CDO for Windows 2000
>>Content-Class: urn:content-classes:message
>>Importance: normal
>>Priority: normal
>>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
>>Newsgroups: microsoft.public.windows.server.networking
>>Path: TK2MSFTNGXA01.phx.gbl
>>Xref: TK2MSFTNGXA01.phx.gbl
microsoft.public.windows.server.networking:39548
>>NNTP-Posting-Host: TK2MSFTNGXA01.phx.gbl 10.40.2.250
>>X-Tomcat-NG: microsoft.public.windows.server.networking
>>
>>May I have suggestions on how to audit one specific user on my network
that I
>>suspect is downloading inappropriate music, video and other materials?
>>
>>I don't even know all that might be happening, thus the need to find out.
>>--
>>Thanks, Steve
>>

Hi Vincent:

I feel my two questions were seperate and distinct.

One dealt with a third party firewall and what to apply filters to.

The second question pertains to auditing a particular user on my network to
look for inappropriate behavior.

I welcome your help as always!
--
Thanks, Steve


"Vincent Xu [MSFT]" wrote:

> Hi Steve,
>
> It appears to be a cross-Newsgroup posting and I have already answered in
> that thread. Please check my answer there.
>
> In the future, I'd like to suggest you not to cross-post the same question
> in multiple newsgroups. This will help our engineers work on your question
> more efficiently. Your understanding and cooperation is appreciated.
>
> For your convenience, I have included my reply as follows:
> =========================
> Hi Steve,
>
> I think just block web site is not enough. I think you should block data
> stream. Based on knowledge, ISA can do such job. If you wish, you can post
> in ISA newsgroup for more information about this. Sorry, I'm not an ISA
> specialist.
>
> Have a good day!
> ===========================
>
>
> Best regards,
>
> Vincent Xu
> Microsoft Online Partner Support
>
> ================================================== ====
> Get Secure! - www.microsoft.com/security
> ================================================== ====
> When responding to posts, please "Reply to Group" via your newsreader so
> that others
> may learn and benefit from this issue.
> ================================================== ====
> This posting is provided "AS IS" with no warranties,and confers no rights.
> ================================================== ====
>
>
>
> --------------------
> >>Thread-Topic: How to audit one specific user?
> >>thread-index: AcaQtFVMOf6EmcDPQXm76YpLYW/d9Q==
> >>X-WBNR-Posting-Host: 70.171.42.251
> >>From: =?Utf-8?B?U3RldmVQ?= <(E-Mail Removed)>
> >>Subject: How to audit one specific user?
> >>Date: Thu, 15 Jun 2006 12:46:02 -0700
> >>Lines: 6
> >>Message-ID: <CDE6A2A5-EC51-4D50-BD57-(E-Mail Removed)>
> >>MIME-Version: 1.0
> >>Content-Type: text/plain;
> >> charset="Utf-8"
> >>Content-Transfer-Encoding: 7bit
> >>X-Newsreader: Microsoft CDO for Windows 2000
> >>Content-Class: urn:content-classes:message
> >>Importance: normal
> >>Priority: normal
> >>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
> >>Newsgroups: microsoft.public.windows.server.networking
> >>Path: TK2MSFTNGXA01.phx.gbl
> >>Xref: TK2MSFTNGXA01.phx.gbl
> microsoft.public.windows.server.networking:39548
> >>NNTP-Posting-Host: TK2MSFTNGXA01.phx.gbl 10.40.2.250
> >>X-Tomcat-NG: microsoft.public.windows.server.networking
> >>
> >>May I have suggestions on how to audit one specific user on my network
> that I
> >>suspect is downloading inappropriate music, video and other materials?
> >>
> >>I don't even know all that might be happening, thus the need to find out.
> >>--
> >>Thanks, Steve
> >>
>
>

Hi Steve,

Sorry for my mistake.

Here is the situation:

We can monitor the network traffic by using firewall but the precondition
is the network traffic will go through the firewall.

For example, when you try to access a external web site, the data stream
goes through the firewall but if you try to access an resource internal,
the traffice may not through the firewall and we are unable to monitor it.


Best regards,

Vincent Xu
Microsoft Online Partner Support

================================================== ====
Get Secure! - www.microsoft.com/security
================================================== ====
When responding to posts, please "Reply to Group" via your newsreader so
that others
may learn and benefit from this issue.
================================================== ====
This posting is provided "AS IS" with no warranties,and confers no rights.
================================================== ====



--------------------
>>Thread-Topic: How to audit one specific user?
>>thread-index: AcaQ985V5CxzFw+6TQerzFF30m8oHA==
>>X-WBNR-Posting-Host: 70.171.42.251
>>From: =?Utf-8?B?U3RldmVQ?= <(E-Mail Removed)>
>>References: <CDE6A2A5-EC51-4D50-BD57-(E-Mail Removed)>
<(E-Mail Removed)>
>>Subject: RE: How to audit one specific user?
>>Date: Thu, 15 Jun 2006 20:49:01 -0700
>>Lines: 90
>>Message-ID: <20B39C01-E14F-4218-9228-(E-Mail Removed)>
>>MIME-Version: 1.0
>>Content-Type: text/plain;
>> charset="Utf-8"
>>Content-Transfer-Encoding: 7bit
>>X-Newsreader: Microsoft CDO for Windows 2000
>>Content-Class: urn:content-classes:message
>>Importance: normal
>>Priority: normal
>>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
>>Newsgroups: microsoft.public.windows.server.networking
>>Path: TK2MSFTNGXA01.phx.gbl
>>Xref: TK2MSFTNGXA01.phx.gbl
microsoft.public.windows.server.networking:39564
>>NNTP-Posting-Host: TK2MSFTNGXA01.phx.gbl 10.40.2.250
>>X-Tomcat-NG: microsoft.public.windows.server.networking
>>
>>Hi Vincent:
>>
>>I feel my two questions were seperate and distinct.
>>
>>One dealt with a third party firewall and what to apply filters to.
>>
>>The second question pertains to auditing a particular user on my network
to
>>look for inappropriate behavior.
>>
>>I welcome your help as always!
>>--
>>Thanks, Steve
>>
>>
>>"Vincent Xu [MSFT]" wrote:
>>
>>> Hi Steve,
>>>
>>> It appears to be a cross-Newsgroup posting and I have already answered
in
>>> that thread. Please check my answer there.
>>>
>>> In the future, I'd like to suggest you not to cross-post the same
question
>>> in multiple newsgroups. This will help our engineers work on your
question
>>> more efficiently. Your understanding and cooperation is appreciated.
>>>
>>> For your convenience, I have included my reply as follows:
>>> =========================
>>> Hi Steve,
>>>
>>> I think just block web site is not enough. I think you should block
data
>>> stream. Based on knowledge, ISA can do such job. If you wish, you can
post
>>> in ISA newsgroup for more information about this. Sorry, I'm not an ISA
>>> specialist.
>>>
>>> Have a good day!
>>> ===========================
>>>
>>>
>>> Best regards,
>>>
>>> Vincent Xu
>>> Microsoft Online Partner Support
>>>
>>> ================================================== ====
>>> Get Secure! - www.microsoft.com/security
>>> ================================================== ====
>>> When responding to posts, please "Reply to Group" via your newsreader
so
>>> that others
>>> may learn and benefit from this issue.
>>> ================================================== ====
>>> This posting is provided "AS IS" with no warranties,and confers no
rights.
>>> ================================================== ====
>>>
>>>
>>>
>>> --------------------
>>> >>Thread-Topic: How to audit one specific user?
>>> >>thread-index: AcaQtFVMOf6EmcDPQXm76YpLYW/d9Q==
>>> >>X-WBNR-Posting-Host: 70.171.42.251
>>> >>From: =?Utf-8?B?U3RldmVQ?= <(E-Mail Removed)>
>>> >>Subject: How to audit one specific user?
>>> >>Date: Thu, 15 Jun 2006 12:46:02 -0700
>>> >>Lines: 6
>>> >>Message-ID: <CDE6A2A5-EC51-4D50-BD57-(E-Mail Removed)>
>>> >>MIME-Version: 1.0
>>> >>Content-Type: text/plain;
>>> >> charset="Utf-8"
>>> >>Content-Transfer-Encoding: 7bit
>>> >>X-Newsreader: Microsoft CDO for Windows 2000
>>> >>Content-Class: urn:content-classes:message
>>> >>Importance: normal
>>> >>Priority: normal
>>> >>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
>>> >>Newsgroups: microsoft.public.windows.server.networking
>>> >>Path: TK2MSFTNGXA01.phx.gbl
>>> >>Xref: TK2MSFTNGXA01.phx.gbl
>>> microsoft.public.windows.server.networking:39548
>>> >>NNTP-Posting-Host: TK2MSFTNGXA01.phx.gbl 10.40.2.250
>>> >>X-Tomcat-NG: microsoft.public.windows.server.networking
>>> >>
>>> >>May I have suggestions on how to audit one specific user on my
network
>>> that I
>>> >>suspect is downloading inappropriate music, video and other
materials?
>>> >>
>>> >>I don't even know all that might be happening, thus the need to find
out.
>>> >>--
>>> >>Thanks, Steve
>>> >>
>>>
>>>
>>

Hi Vincent:

I'm sorry for not being clear with my questions.

My 3COM router (T1 connection) and my Cox Cable router (cabe connection) are
both also firewalls.

Both firewalls have a place in them where I can type the addresses of sites
outside my network on the internet that I do not want my users to go to.
Such as Napster, Bearshare, bittorrent and places like that. I want to stop
the downloading of music, videos, porn, etc.

I don't know the names and addresses of the major sites that my users go to
for the purpose of downloading this non-work related stuff.

So, I am asking for a link (or list) to a list of these major sites so I can
enter them in the firewalls and prevent user access to them.


--
Thanks, Steve


"Vincent Xu [MSFT]" wrote:

> Hi Steve,
>
> Sorry for my mistake.
>
> Here is the situation:
>
> We can monitor the network traffic by using firewall but the precondition
> is the network traffic will go through the firewall.
>
> For example, when you try to access a external web site, the data stream
> goes through the firewall but if you try to access an resource internal,
> the traffice may not through the firewall and we are unable to monitor it.
>
>
> Best regards,
>
> Vincent Xu
> Microsoft Online Partner Support
>
> ================================================== ====
> Get Secure! - www.microsoft.com/security
> ================================================== ====
> When responding to posts, please "Reply to Group" via your newsreader so
> that others
> may learn and benefit from this issue.
> ================================================== ====
> This posting is provided "AS IS" with no warranties,and confers no rights.
> ================================================== ====
>
>
>
> --------------------
> >>Thread-Topic: How to audit one specific user?
> >>thread-index: AcaQ985V5CxzFw+6TQerzFF30m8oHA==
> >>X-WBNR-Posting-Host: 70.171.42.251
> >>From: =?Utf-8?B?U3RldmVQ?= <(E-Mail Removed)>
> >>References: <CDE6A2A5-EC51-4D50-BD57-(E-Mail Removed)>
> <(E-Mail Removed)>
> >>Subject: RE: How to audit one specific user?
> >>Date: Thu, 15 Jun 2006 20:49:01 -0700
> >>Lines: 90
> >>Message-ID: <20B39C01-E14F-4218-9228-(E-Mail Removed)>
> >>MIME-Version: 1.0
> >>Content-Type: text/plain;
> >> charset="Utf-8"
> >>Content-Transfer-Encoding: 7bit
> >>X-Newsreader: Microsoft CDO for Windows 2000
> >>Content-Class: urn:content-classes:message
> >>Importance: normal
> >>Priority: normal
> >>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
> >>Newsgroups: microsoft.public.windows.server.networking
> >>Path: TK2MSFTNGXA01.phx.gbl
> >>Xref: TK2MSFTNGXA01.phx.gbl
> microsoft.public.windows.server.networking:39564
> >>NNTP-Posting-Host: TK2MSFTNGXA01.phx.gbl 10.40.2.250
> >>X-Tomcat-NG: microsoft.public.windows.server.networking
> >>
> >>Hi Vincent:
> >>
> >>I feel my two questions were seperate and distinct.
> >>
> >>One dealt with a third party firewall and what to apply filters to.
> >>
> >>The second question pertains to auditing a particular user on my network
> to
> >>look for inappropriate behavior.
> >>
> >>I welcome your help as always!
> >>--
> >>Thanks, Steve
> >>
> >>
> >>"Vincent Xu [MSFT]" wrote:
> >>
> >>> Hi Steve,
> >>>
> >>> It appears to be a cross-Newsgroup posting and I have already answered
> in
> >>> that thread. Please check my answer there.
> >>>
> >>> In the future, I'd like to suggest you not to cross-post the same
> question
> >>> in multiple newsgroups. This will help our engineers work on your
> question
> >>> more efficiently. Your understanding and cooperation is appreciated.
> >>>
> >>> For your convenience, I have included my reply as follows:
> >>> =========================
> >>> Hi Steve,
> >>>
> >>> I think just block web site is not enough. I think you should block
> data
> >>> stream. Based on knowledge, ISA can do such job. If you wish, you can
> post
> >>> in ISA newsgroup for more information about this. Sorry, I'm not an ISA
> >>> specialist.
> >>>
> >>> Have a good day!
> >>> ===========================
> >>>
> >>>
> >>> Best regards,
> >>>
> >>> Vincent Xu
> >>> Microsoft Online Partner Support
> >>>
> >>> ================================================== ====
> >>> Get Secure! - www.microsoft.com/security
> >>> ================================================== ====
> >>> When responding to posts, please "Reply to Group" via your newsreader
> so
> >>> that others
> >>> may learn and benefit from this issue.
> >>> ================================================== ====
> >>> This posting is provided "AS IS" with no warranties,and confers no
> rights.
> >>> ================================================== ====
> >>>
> >>>
> >>>
> >>> --------------------
> >>> >>Thread-Topic: How to audit one specific user?
> >>> >>thread-index: AcaQtFVMOf6EmcDPQXm76YpLYW/d9Q==
> >>> >>X-WBNR-Posting-Host: 70.171.42.251
> >>> >>From: =?Utf-8?B?U3RldmVQ?= <(E-Mail Removed)>
> >>> >>Subject: How to audit one specific user?
> >>> >>Date: Thu, 15 Jun 2006 12:46:02 -0700
> >>> >>Lines: 6
> >>> >>Message-ID: <CDE6A2A5-EC51-4D50-BD57-(E-Mail Removed)>
> >>> >>MIME-Version: 1.0
> >>> >>Content-Type: text/plain;
> >>> >> charset="Utf-8"
> >>> >>Content-Transfer-Encoding: 7bit
> >>> >>X-Newsreader: Microsoft CDO for Windows 2000
> >>> >>Content-Class: urn:content-classes:message
> >>> >>Importance: normal
> >>> >>Priority: normal
> >>> >>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
> >>> >>Newsgroups: microsoft.public.windows.server.networking
> >>> >>Path: TK2MSFTNGXA01.phx.gbl
> >>> >>Xref: TK2MSFTNGXA01.phx.gbl
> >>> microsoft.public.windows.server.networking:39548
> >>> >>NNTP-Posting-Host: TK2MSFTNGXA01.phx.gbl 10.40.2.250
> >>> >>X-Tomcat-NG: microsoft.public.windows.server.networking
> >>> >>
> >>> >>May I have suggestions on how to audit one specific user on my
> network
> >>> that I
> >>> >>suspect is downloading inappropriate music, video and other
> materials?
> >>> >>
> >>> >>I don't even know all that might be happening, thus the need to find
> out.
> >>> >>--
> >>> >>Thanks, Steve
> >>> >>
> >>>
> >>>
> >>
>
>

Hi Vincent:

The second question deals with something else. I have been ordered to allow
a 12 year old child onto my network for the summer. With all the priviledges
of a regular user. So, I set up a user account, internet, e-mail, printers,
everything just like a regular user. But this is not a regular user.
Accidental damage could be done to important data on the network by this
youngster.

I want to heavily monitor this one specific computer so I can tell where the
young user is going and what the user is downloading, etc. To me this is
self defense.

How can I hevily monitor/audit the activities of this one user and computer?
--
Thanks, Steve


"Vincent Xu [MSFT]" wrote:

> Hi Steve,
>
> Sorry for my mistake.
>
> Here is the situation:
>
> We can monitor the network traffic by using firewall but the precondition
> is the network traffic will go through the firewall.
>
> For example, when you try to access a external web site, the data stream
> goes through the firewall but if you try to access an resource internal,
> the traffice may not through the firewall and we are unable to monitor it.
>
>
> Best regards,
>
> Vincent Xu
> Microsoft Online Partner Support
>
> ================================================== ====
> Get Secure! - www.microsoft.com/security
> ================================================== ====
> When responding to posts, please "Reply to Group" via your newsreader so
> that others
> may learn and benefit from this issue.
> ================================================== ====
> This posting is provided "AS IS" with no warranties,and confers no rights.
> ================================================== ====
>
>
>
> --------------------
> >>Thread-Topic: How to audit one specific user?
> >>thread-index: AcaQ985V5CxzFw+6TQerzFF30m8oHA==
> >>X-WBNR-Posting-Host: 70.171.42.251
> >>From: =?Utf-8?B?U3RldmVQ?= <(E-Mail Removed)>
> >>References: <CDE6A2A5-EC51-4D50-BD57-(E-Mail Removed)>
> <(E-Mail Removed)>
> >>Subject: RE: How to audit one specific user?
> >>Date: Thu, 15 Jun 2006 20:49:01 -0700
> >>Lines: 90
> >>Message-ID: <20B39C01-E14F-4218-9228-(E-Mail Removed)>
> >>MIME-Version: 1.0
> >>Content-Type: text/plain;
> >> charset="Utf-8"
> >>Content-Transfer-Encoding: 7bit
> >>X-Newsreader: Microsoft CDO for Windows 2000
> >>Content-Class: urn:content-classes:message
> >>Importance: normal
> >>Priority: normal
> >>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
> >>Newsgroups: microsoft.public.windows.server.networking
> >>Path: TK2MSFTNGXA01.phx.gbl
> >>Xref: TK2MSFTNGXA01.phx.gbl
> microsoft.public.windows.server.networking:39564
> >>NNTP-Posting-Host: TK2MSFTNGXA01.phx.gbl 10.40.2.250
> >>X-Tomcat-NG: microsoft.public.windows.server.networking
> >>
> >>Hi Vincent:
> >>
> >>I feel my two questions were seperate and distinct.
> >>
> >>One dealt with a third party firewall and what to apply filters to.
> >>
> >>The second question pertains to auditing a particular user on my network
> to
> >>look for inappropriate behavior.
> >>
> >>I welcome your help as always!
> >>--
> >>Thanks, Steve
> >>
> >>
> >>"Vincent Xu [MSFT]" wrote:
> >>
> >>> Hi Steve,
> >>>
> >>> It appears to be a cross-Newsgroup posting and I have already answered
> in
> >>> that thread. Please check my answer there.
> >>>
> >>> In the future, I'd like to suggest you not to cross-post the same
> question
> >>> in multiple newsgroups. This will help our engineers work on your
> question
> >>> more efficiently. Your understanding and cooperation is appreciated.
> >>>
> >>> For your convenience, I have included my reply as follows:
> >>> =========================
> >>> Hi Steve,
> >>>
> >>> I think just block web site is not enough. I think you should block
> data
> >>> stream. Based on knowledge, ISA can do such job. If you wish, you can
> post
> >>> in ISA newsgroup for more information about this. Sorry, I'm not an ISA
> >>> specialist.
> >>>
> >>> Have a good day!
> >>> ===========================
> >>>
> >>>
> >>> Best regards,
> >>>
> >>> Vincent Xu
> >>> Microsoft Online Partner Support
> >>>
> >>> ================================================== ====
> >>> Get Secure! - www.microsoft.com/security
> >>> ================================================== ====
> >>> When responding to posts, please "Reply to Group" via your newsreader
> so
> >>> that others
> >>> may learn and benefit from this issue.
> >>> ================================================== ====
> >>> This posting is provided "AS IS" with no warranties,and confers no
> rights.
> >>> ================================================== ====
> >>>
> >>>
> >>>
> >>> --------------------
> >>> >>Thread-Topic: How to audit one specific user?
> >>> >>thread-index: AcaQtFVMOf6EmcDPQXm76YpLYW/d9Q==
> >>> >>X-WBNR-Posting-Host: 70.171.42.251
> >>> >>From: =?Utf-8?B?U3RldmVQ?= <(E-Mail Removed)>
> >>> >>Subject: How to audit one specific user?
> >>> >>Date: Thu, 15 Jun 2006 12:46:02 -0700
> >>> >>Lines: 6
> >>> >>Message-ID: <CDE6A2A5-EC51-4D50-BD57-(E-Mail Removed)>
> >>> >>MIME-Version: 1.0
> >>> >>Content-Type: text/plain;
> >>> >> charset="Utf-8"
> >>> >>Content-Transfer-Encoding: 7bit
> >>> >>X-Newsreader: Microsoft CDO for Windows 2000
> >>> >>Content-Class: urn:content-classes:message
> >>> >>Importance: normal
> >>> >>Priority: normal
> >>> >>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
> >>> >>Newsgroups: microsoft.public.windows.server.networking
> >>> >>Path: TK2MSFTNGXA01.phx.gbl
> >>> >>Xref: TK2MSFTNGXA01.phx.gbl
> >>> microsoft.public.windows.server.networking:39548
> >>> >>NNTP-Posting-Host: TK2MSFTNGXA01.phx.gbl 10.40.2.250
> >>> >>X-Tomcat-NG: microsoft.public.windows.server.networking
> >>> >>
> >>> >>May I have suggestions on how to audit one specific user on my
> network
> >>> that I
> >>> >>suspect is downloading inappropriate music, video and other
> materials?
> >>> >>
> >>> >>I don't even know all that might be happening, thus the need to find
> out.
> >>> >>--
> >>> >>Thanks, Steve
> >>> >>
> >>>
> >>>
> >>
>
>

"SteveP" <(E-Mail Removed)> wrote in message
news:C4664C00-0320-46B3-B146-(E-Mail Removed)...
> Hi Vincent:
>
> The second question deals with something else. I have been ordered to
allow
> a 12 year old child onto my network for the summer. With all the
priviledges
> of a regular user. So, I set up a user account, internet, e-mail,
printers,
> everything just like a regular user. But this is not a regular user.
> Accidental damage could be done to important data on the network by this
> youngster.

1. Don't have him in the normal Domain Users Group.
2. Make a new Group. Call it "Little Brats" or something creative :-)
3. Add the kid to the Group
4. Make the Group "Little Brats" the Primary group of the account.
5. Remove the kid from the Domain Users Group
6. Now he can only access whatever the Little Brats Group (and the group
"Authenticated Users") is given permission to access,....which initially,
starting out,..is pretty much nothing.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

Hi Philip:

Sounds good.

Any idea hw I can monitor what the young person is up to as in downloading,
etc.?
--
Thanks, Steve


"Phillip Windell" wrote:

> "SteveP" <(E-Mail Removed)> wrote in message
> news:C4664C00-0320-46B3-B146-(E-Mail Removed)...
> > Hi Vincent:
> >
> > The second question deals with something else. I have been ordered to
> allow
> > a 12 year old child onto my network for the summer. With all the
> priviledges
> > of a regular user. So, I set up a user account, internet, e-mail,
> printers,
> > everything just like a regular user. But this is not a regular user.
> > Accidental damage could be done to important data on the network by this
> > youngster.
>
> 1. Don't have him in the normal Domain Users Group.
> 2. Make a new Group. Call it "Little Brats" or something creative :-)
> 3. Add the kid to the Group
> 4. Make the Group "Little Brats" the Primary group of the account.
> 5. Remove the kid from the Domain Users Group
> 6. Now he can only access whatever the Little Brats Group (and the group
> "Authenticated Users") is given permission to access,....which initially,
> starting out,..is pretty much nothing.
>
> --
> Phillip Windell [MCP, MVP, CCNA]
> www.wandtv.com
>
>
>

You know, it's funny, you always hear about the dangers of hackers and
viruses monitoring (and transmitting) all the actions of a user on your PC.
Yet, when you really want to track one of your own users that you have
complete control over, you find out how difficult this is! Just thought it
was worthy of note. I've never found any inexpensive way. And I've never had
the desire to look for expensive alternatives.

You can enable auditing but it is very kludgy and requires an enormous
amount of log interpretation. Even then, it doesn't tell you much except
logon/logoff times.

-Frank

"SteveP" <(E-Mail Removed)> wrote in message
news:7F5A51DF-EF0E-4678-B5F5-(E-Mail Removed)...
> Hi Philip:
>
> Sounds good.
>
> Any idea hw I can monitor what the young person is up to as in
> downloading,
> etc.?
> --
> Thanks, Steve
>
>
> "Phillip Windell" wrote:
>
>> "SteveP" <(E-Mail Removed)> wrote in message
>> news:C4664C00-0320-46B3-B146-(E-Mail Removed)...
>> > Hi Vincent:
>> >
>> > The second question deals with something else. I have been ordered to
>> allow
>> > a 12 year old child onto my network for the summer. With all the
>> priviledges
>> > of a regular user. So, I set up a user account, internet, e-mail,
>> printers,
>> > everything just like a regular user. But this is not a regular user.
>> > Accidental damage could be done to important data on the network by
>> > this
>> > youngster.
>>
>> 1. Don't have him in the normal Domain Users Group.
>> 2. Make a new Group. Call it "Little Brats" or something creative :-)
>> 3. Add the kid to the Group
>> 4. Make the Group "Little Brats" the Primary group of the account.
>> 5. Remove the kid from the Domain Users Group
>> 6. Now he can only access whatever the Little Brats Group (and the group
>> "Authenticated Users") is given permission to access,....which initially,
>> starting out,..is pretty much nothing.
>>
>> --
>> Phillip Windell [MCP, MVP, CCNA]
>> www.wandtv.com
>>
>>
>>

I'm afraid the "Star Trek" era has not yet arrived. :-)

Firewall devices typically keep logs of the internet access. But getting the
data out of the logs in a quick, convienient, and usable format is another
story. There are special products (read $$$$) that are designed for that
type of stuff that work as "add-ons" to firewalls and/or proxy servers.

Internal accesses can be audited by turning on auditing for the resource,...
but keep in mind that you are auditing the resources being accessed not the
user accessing them. You can't very well turn on auditing for every
possible resource,...there isn't anything large and powerful enough to
manage that ammount of data.

Then there are logs within Applications.....

Then there are logs produced by database systems like MS SQL Server,....

Then there are Web Server logs....

Then there are.....,and then......, and then......

In otherwords the answer is,..... I'm afraid the "Star Trek" era has not yet
arrived where you just ask the computer what the little brat has been doing
and it tells you all of it in a nice pleasant voice. :-)

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com


"SteveP" <(E-Mail Removed)> wrote in message
news:7F5A51DF-EF0E-4678-B5F5-(E-Mail Removed)...
> Hi Philip:
>
> Sounds good.
>
> Any idea hw I can monitor what the young person is up to as in
downloading,
> etc.?
> --
> Thanks, Steve
>
>
> "Phillip Windell" wrote:
>
> > "SteveP" <(E-Mail Removed)> wrote in message
> > news:C4664C00-0320-46B3-B146-(E-Mail Removed)...
> > > Hi Vincent:
> > >
> > > The second question deals with something else. I have been ordered to
> > allow
> > > a 12 year old child onto my network for the summer. With all the
> > priviledges
> > > of a regular user. So, I set up a user account, internet, e-mail,
> > printers,
> > > everything just like a regular user. But this is not a regular user.
> > > Accidental damage could be done to important data on the network by
this
> > > youngster.
> >
> > 1. Don't have him in the normal Domain Users Group.
> > 2. Make a new Group. Call it "Little Brats" or something creative :-)
> > 3. Add the kid to the Group
> > 4. Make the Group "Little Brats" the Primary group of the account.
> > 5. Remove the kid from the Domain Users Group
> > 6. Now he can only access whatever the Little Brats Group (and the group
> > "Authenticated Users") is given permission to access,....which
initially,
> > starting out,..is pretty much nothing.
> >
> > --
> > Phillip Windell [MCP, MVP, CCNA]
> > www.wandtv.com
> >
> >
> >