I'm consulting at a medium-sized company - about 5,000 desktops. We have a problem with a few users surfing porn and other "bad" sites while on the job.

The problem is all the IP-addresses are dynamic (DHCP-generated) and it's impossible to tell who was logged in at the time. Anyone familiar with a tool to help find out who these users are???

Thanks.

A fire wall can always help you to restrice access...In my father's intitutions computer network they use a software called cyberroam...any mail internet address with chat,xxx,se*,mail or such banned words will be blocked...

also you can use a proxy server (write your own in java) to restrict or log user activities...

hope this helps...

how about translating the desktop ip address to a logged-in user name? The problem with a list of forbidden sites is that it is never up-to-date (as far as we've seen).

we need a way to track down who the users are who are doing the "illicit" stuff...

thanks!

But all computers has acess to Internet via some Proxy-Server, right? If so, why U cannot simply analyze proxy logs. It has a user internal IP + remote site IP where it is connection (or was connecting). So by user IP (IP of your internal company network U can find a computer and user which works on it) for remote IP - remote site (it can write full path www.***.***, but depends of proxy config).

on install "net nanny" ;)

or bar all sites except the ones needed for your business.... not fesible is'nt it ?