If you can't install any network monitoring or content filtering tools, you still have a few more options:
- Enable HTTP, etc. logging on your firewall and trace it back that way.
- Install an undelete utility on each PC that allows you to undelete cookies or history files.
- Utilize forensics or data-recovery tools that can recover deleted files (there are dozens). There are commercial, freeware and open-source that will allow you to go in and see what was deleted. You'd have to do this pretty quickly before the data's entries on the hard drive are overwritten with new data, though.
- Automatically backup each user's cookies and history files to your server for offline access. You could schedule a batch file that does this on every PC at random times every day. You'd have to do this fairly often though to make sure you copy the files before they are deleted.
For more information on this topic, visit these other SearchSecurity.com resources:
This was first published in March 2003