A question about browser history

[mike.mikemiller at gmail.com (Michael Miller)]

Are you talking about one ore two violations or 2 or 4 hours worth of
porn surfing?  Does the machine have malware on it?  There have been a
few cases of malware doing http gets on porn sites.

On Tue, Nov 3, 2009 at 9:38 AM, Dorne Mabais
<dorne.mabais at googlemail.com> wrote:
> I have a situation at a client's that I would appreciate some help with. An
> employee was flagged as visiting "adult" sites (which is surprising since
> their proxy is not exactly current or well setup), and a quick look at the
> browser history showed traces of this (firefox 3.5). But in my brief
> exposure to forensics I have been told, "do not look for evidence of guilt
> or innocence, just look for evidence". This employee seems honestly shocked
> about this and swears that he did not do it (even has suggested taking a
> lie-detector test to prove it!) and some of the sites do seem like those
> that are ad funded and I know those can be more then meets the eye. So I
> have been trying to find out if it is possible that he is actually innocent.
> I have done some reading and hidden iframes would explain the proxy traffic
> but as far as I know, those do not show in the browser history (?). I am
> sure that a pop-up window would not have been it either. I admit my
> web-security-fu is not at a very high level, so I would like to ask if
> anyone knows of a way this could have happened which backs up the employee's
> story or do I just go ahead and assume guilt?
>
> Thanks
>  Dorne
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com