Re: [sleuthkit-users] Browser History Scanner

[DRSL M. <in...@ni...>]

<html><head></head><body class="" lang="en-US" style="background-color: rgb(255, 255, 255); line-height: initial;">                                                                                      <div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);">Thanks, but I couldn't find anything of value relating to my request on the site!</div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);"><br></div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);">Can you kindly shed more lights on what I should look for? May be I was checking a wrong link!</div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);"><br></div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);">Regards, </div>                                                                                                                                     <div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);"><br style="display:initial"></div>                                                                                                                                                                                                   <div style="font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);">Bolanle&nbsp;O.&nbsp;Omotoso,&nbsp;<br>Ceo,&nbsp;<br>Data&nbsp;Recovery&nbsp;Specialist&nbsp;Ltd&nbsp;<br>https://nigeriadatarecovery.com&nbsp;<br>08035639710&nbsp;<br><br>Sent&nbsp;from&nbsp;Data&nbsp;Recovery&nbsp;Specialist&nbsp;wireless'&nbsp;device</div>                                                                                                                                                                                  <table width="100%" style="background-color:white;border-spacing:0px;"> <tbody><tr><td colspan="2" style="font-size: initial; text-align: initial; background-color: rgb(255, 255, 255);">                           <div style="border-style: solid none none; border-top-color: rgb(181, 196, 223); border-top-width: 1pt; padding: 3pt 0in 0in; font-family: Tahoma, 'BB Alpha Sans', 'Slate Pro'; font-size: 10pt;">  <div><b>From: </b>John Lehr</div><div><b>Sent: </b>Saturday, July 23, 2016 4:27 PM</div><div><b>To: </b>DRSL Mail</div><div><b>Cc: </b>Luís Filipe Nassif; sle...@li... users</div><div><b>Subject: </b>Re: [sleuthkit-users] Browser History Scanner</div></div></td></tr></tbody></table><div style="border-style: solid none none; border-top-color: rgb(186, 188, 209); border-top-width: 1pt; font-size: initial; text-align: initial; background-color: rgb(255, 255, 255);"></div><br><div id="_originalContent" style=""><meta http-equiv="Content-Type" content="text/html charset=utf-8">Take a look at GRR Rapid Response.&nbsp;<a href="https://github.com/google/grr" class="">https://github.com/google/grr</a><div class=""><br class=""></div><div class="">It was designed exactly for the type of investigation you propose.<br class=""><div class=""><br class=""><div><blockquote type="cite" class=""><div class="">On Jul 23, 2016, at 7:55 AM, DRSL Mail &lt;<a href="mailto:in...@ni..." class="">in...@ni...</a>&gt; wrote:</div><br class="Apple-interchange-newline"><div class=""><div lang="en-US" style="background-color: rgb(255, 255, 255); line-height: initial;" class="">                                                                                      <div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);" class="">Hi,</div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);" class=""><br class=""></div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);" class="">Can anyone please advise a tool that can be run centrally on a network to uncover browsing history of the users?</div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);" class=""><br class=""></div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);" class="">This is urgently needed as our initial investigation revealed that a user created some malicious mails on this website : emkei.cz ‎ in order to defraud the Organization, although the attempt failed as the third party raised an alarm.</div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);" class=""><br class=""></div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);" class="">However, we need to know the user whose system was used to launch the malicious mails, we have individually scanned all the users in the affected department but all returned negative.</div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);" class=""><br class=""></div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);" class="">The firm has about 280 Machines, and so we need a tool that can be deployed centrally to check the browsing history of all the users.</div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);" class=""><br class=""></div><div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);" class="">Please help.</div>                                                                                                                                     <div style="width: 100%; font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);" class=""><br style="display:initial" class=""></div>                                                                                                                                                                                                   <div style="font-size: initial; font-family: Calibri, 'Slate Pro', sans-serif, sans-serif; color: rgb(31, 73, 125); text-align: initial; background-color: rgb(255, 255, 255);" class="">Bolanle&nbsp;O.&nbsp;Omotoso,&nbsp;<br class="">Ceo,&nbsp;<br class="">Data&nbsp;Recovery&nbsp;Specialist&nbsp;Ltd&nbsp;<br class=""><a href="https://nigeriadatarecovery.com" class="">https://nigeriadatarecovery.com</a>&nbsp;<br class="">08035639710&nbsp;<br class=""><br class="">Sent&nbsp;from&nbsp;Data&nbsp;Recovery&nbsp;Specialist&nbsp;wireless'&nbsp;device</div>                                                                                                                                                                                  <div id="_originalContent" style="" class=""><!--end of _originalContent --><br class=""></div></div>

------------------------------------------------------------------------------<br class="">What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic<br class="">patterns at an interface-level. Reveals which users, apps, and protocols are <br class="">consuming the most bandwidth. Provides multi-vendor support for NetFlow, <br class="">J-Flow, sFlow and other flows. Make informed decisions using capacity planning<br class="">reports.<a href="http://sdm.link/zohodev2dev_______________________________________________" class="">http://sdm.link/zohodev2dev_______________________________________________</a><br class="">sleuthkit-users mailing list<br class=""><a href="https://lists.sourceforge.net/lists/listinfo/sleuthkit-users" class="">https://lists.sourceforge.net/lists/listinfo/sleuthkit-users</a><br class="">http://www.sleuthkit.org<br class=""></div></blockquote></div><br class=""></div></div><br><!--end of _originalContent --></div></body></html>