network monitoring

Discussion in 'Hardware' started by SomeCrazyStuff, Sep 14, 2008.

  1. SomeCrazyStuff

    SomeCrazyStuff Private E-2

    i've got a good little scenario for you all.. at my house i have a dsl connection going to my dlink wireless n extreme router (DIR-655).. from there i have a direct wired connection to my PC desktop and one to my MAC desktop.. i also have my laptop, my brother's desktop and my dad's desktop and laptop connected via wireless along with my mom's mac and my xbox (brother's wii he never uses and a nintendo ds and psp.. i think that's it).. recently my dad was victim to the windows antivirus 2008 rogue software thingamajig.. it was on his laptop.. i got his laptop cleaned up and looking perty.. but the next weekend he had 51 trojan downloaders.. among those were key loggers and all sorts of stuff.. now i'm not looking for malware help.. i got the laptop cleaned up again.. but i would like to know is there some way for me to monitor where he's going to on the internet without installing software on his computer? a couple of the different malware instances were tagged xbxgsporno.. att email.. yada yada yada.. i'm almost positive he's goin places he shouldn't be.. but i have no say where he goes to... but if it's going to compromise my computers and the network i want to know where he's going so i can block ip addresses and/or enable parental controls... maybe even get something to filter incoming traffic such as websense or similar.. but does anyone have a solution for me to watch where he's going without putting software on his computer?

    if i have to i will.. but i really prefer not to.. if it does come down to that anyone know a good key logger that i can get without compromising my computer..?

    future thx for any replies.. (i'm allowed to do that right?) xP
     
    Last edited: Sep 14, 2008
  2. PEBKAC

    PEBKAC Private First Class

    Words of advice: Consult legal counsel before installing a key logger on any computer which you do not own.

    If you own the router, you could probably set it up to SysLog to your computer in order to monitor traffic. How much detail you get from the log probably varies from router to router.
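
Added example, not part of the original thread: one way to use router syslog output on the receiving PC is to report which LAN clients contacted destinations already on a blocklist. The log line format, the LAN range and the blocklist below are constructed assumptions, not the DIR-655's actual output.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample lines in an assumed format; a real router's syslog
# layout will differ, so adjust LINE_RE to what the router actually sends.
SAMPLE_LOG = """\
<134>Sep 14 21:03:11 router fw: ALLOW TCP 192.168.0.105:49211 -> 203.0.113.10:80
<134>Sep 14 21:03:12 router fw: ALLOW TCP 192.168.0.101:50112 -> 198.51.100.7:443
<134>Sep 14 21:03:15 router fw: ALLOW TCP 192.168.0.105:49214 -> 203.0.113.77:80
<134>Sep 14 21:03:19 router fw: ALLOW UDP 192.168.0.105:53011 -> 192.168.0.1:53
<134>Sep 14 21:03:20 router dhcp: lease renewed for 192.168.0.101
<134>Sep 14 21:04:02 router fw: ALLOW TCP 192.168.0.105:49230 -> 203.0.113.10:80
"""

LINE_RE = re.compile(
    r"^<\d{1,3}>(?P<ts>\w{3}\s+\d{1,2} \d\d:\d\d:\d\d) \S+ fw: "
    r"\w+ (?:TCP|UDP) "
    r"(?P<src>[\d.]+):\d+ -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)

LAN = ipaddress.ip_network("192.168.0.0/24")            # assumed LAN range
# Constructed blocklist (documentation range), standing in for destinations
# taken from malware scan results or a threat feed.
BLOCKLIST = [ipaddress.ip_network("203.0.113.0/24")]


def parse_line(line):
    """Return (timestamp, src, dst, dport), or None for non-matching lines."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    try:
        src = ipaddress.ip_address(m["src"])
        dst = ipaddress.ip_address(m["dst"])
    except ValueError:          # e.g. an octet above 255 in a damaged line
        return None
    return m["ts"], src, dst, int(m["dport"])


def flag_clients(log_text, blocklist=BLOCKLIST, lan=LAN):
    """Map each LAN client to the blocklisted destinations it contacted."""
    hits = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec[2] in lan:    # skip noise and LAN-local traffic
            continue
        _, src, dst, _ = rec
        if any(dst in net for net in blocklist):
            hits[str(src)][str(dst)] += 1
    return {client: dict(dests) for client, dests in hits.items()}
```

The per-client result shows which machine to clean first and which destination addresses to add to the router's block rules.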
     
  3. not_guilty

    not_guilty Private E-2

    Hi
    If the issue here is just a little spy work, it would be better to analyze the history of browsers; there are a lot of ways to prevent erasing of history, either by using some utilities disabling ways of deleting history, or through registry settings...
    Keyloggers are obsolete. First of all, the real good ones are shareware, and Windows is not happy to share the territory with them. But the biggest problem is that every anti-spyware/virus/dialware utility will raise the alarm in 5 minutes (just to prove how good they are) that you have a keylogger on board, thus spilling the beans... And I am sure You have installed some of those, after what happened to You.
    Anyway good hunting
     
  4. SomeCrazyStuff

    SomeCrazyStuff Private E-2

    i appreciate the replies.. i don't own the computer.. but i do own the router.. the computer is my dad's.. and i still live with him and do all his maintenance crap on it.. he isn't technologically savvy at all.. but he does tend to hide his laptop when he's not using it..

    yea it does have zonealarm on it as it did before he got all of his malware trouble... he just had a scan run again tonight designating another 10 trojan downloaders... but he manages to let zonealarm delete them and put the laptop away before i got to look at it..

    i know i should know this.. but where should i be going to look for browser history and such.. i know i can get into the temporary internet files and temp files folder.. but that doesn't really give a good description of where all he has gone.. i really need a page by page list of websites.. not to confront him with but so i can do something to stop him from getting out to them.. right now i have all the parental controls and everything i could find active on his desktops.. and he's not happy with them at all.. i managed to tell him that it was probably something to do with the updates i ran the day before and that i hadn't seen anything to that effect as of yet.. but eventually i'm going to have to turn them off... any other ideas to help my situation?
     
  5. not_guilty

    not_guilty Private E-2

    Hi Again
    First of all, my keyboard is messed up, so please forgive (I am missing some letters+the output is unprediktible (I just used letter K)
    Let's get to spywork stuff
    I used to used kelogers but You must programmed all the keys and the output is inkredible, lot's of reading..Most of keyloggers email logs to address You pik Yourself..Some of them uninstall themself after time you set it up..and only show up on the skreen after using the hot key..Look right here there are some freeware and time limit shareware. one of them is named "kgb"or kgb is part of the name..Just look at all apps listed with deskription here at the Geeks. Make sure that the driver is on delayed startup.
    Windows do not like boot or automatik startup of programs this type.
    Also if the router is under Your kontrol..There is a tons of sniffers and analizing programs out there. My pik would be the Wireshark. install on your komputer (full install) with the Win Kap driver (the letter K is substitute). make sure that is running and start automatik..Windows don't like this one too. But they use it for their own end. So all shall be ok. It will take you hours to programmed this applikation..but that is the best bet out there as a freeware. I used on Linux platform and it is a beauty..be ready for for few hundreds megabytes of output logs daily.
    Depents how you programmed. but you will gather more intel then you bargain for.
    Next idea of mine is...under the prentense.of trying new bakup program.Install 2 apps first
    "Karen replikator" and/or "Kobian" (the letter K in Kobian is not korrekt. sorry for this but i am sure You are guessing the korrekt letter) Anyway target the Internet folders (You must be the administrator) exklude files like NTUSER, *.INI.*.DAT.LOG *DAT.LOG1 and so on..set it up for every 6 or so hours...password protekted. it does all it's work in the bakground with the speed of light..the Kobian will upload to the server of Your desire and You kan set it up to uninstall by itself after x amount of days..
    looking for ways to get your hands on that loptop ? (hange the WEP key.without telling, You kan kreate stories about the possibilities of outage and You need to take look personaly
    I Do hope that You do this for the valid reasons You mentioned. Otherwise it is highly Un-etiqual (etiquette) what You are up too..invading of privazy
    It does not matter that motivations were out of konzern in the eyes of Law...Aktually it is a border-line...So think it over...You are the one who knows the real truth.
    Sorry for my keyboard...Hope You and other readers plus Moderators give me a brake for few days.
    Thank You
     
  6. SomeCrazyStuff

    SomeCrazyStuff Private E-2


    ha! no problem bout the keyboard.. my boss man at work dropped his laptop and half the keys are missing.. so i have to guess what keys are what when working on it.. but that's another story.. i appreciate your post.. yes it is for the reasons i mentioned.. but i think i'm going to just forget it.. he gave me the laptop to run whatever on... turned out that his desktop got a worm.. and i told him it might be from the laptop.. btw he picked up another couple of trojan downloaders in the last week... went back and looked at the zonealarm logs and the trojan downloaders are all labeled the same.. just different location on the hard drive.. maybe from the work we found on the desktop.. hopefully it's not playing around on the network.. luckily his desktop and laptop were set to go on the guest side of the network and not in the main network (hehe)... but i am now working on cleaning it up and posting logs for expert opinions.. plus i just started working on learning the malware stuff from geeku on gekstogo.com.. i want to be able to do this on my own.. xD

    thanks to everyone for their posts..

    topic closed xD
     
