[SOLVED] Track all device level internet surfing history (at router)

nj121

Distinguished
Feb 3, 2010
7
0
18,510
Hi,

I have a TP-Link Deco M5 mesh router in my house. this router isn't able to give me a report of each device's browsing history. It just give me a information for a recent timestamp but I can't go back a couple of days.

I have been looking to track all my devices browsing history. My last options is to change this expensive router to another expensive router.

Is there any software/cloud solution out there which can track each device's browsing history? (I don't want to install any software on each mobile and laptops)

I looked at OpenDSN and it doesn't give you device level history. Only the accumulated history.


Thank you
 
Solution
The only way you can track stuff is to load software on the client.

The key thing that blocks you is HTTPS. This all started when mr snowden leaked the data that the US government was spying on everyone. This prevents you from seeing the URL.

The ISP and I suspect the government then went to intercepting the DNS so they could to some extent tell what people were up to. Since companies like ATT are complaining real loud about encrypted DNS I suspect it prevents their spying. They were using it to try to place limits on certain types of traffic on their phone data plans.

Now it is technically possible to forge the certificates so you can do man in the middle attacks. This only works when you can load you "fake" server into...

kanewolf

Titan
Moderator
Hi,

I have a TP-Link Deco M5 mesh router in my house. this router isn't able to give me a report of each device's browsing history. It just give me a information for a recent timestamp but I can't go back a couple of days.

I have been looking to track all my devices browsing history. My last options is to change this expensive router to another expensive router.

Is there any software/cloud solution out there which can track each device's browsing history? (I don't want to install any software on each mobile and laptops)

I looked at OpenDSN and it doesn't give you device level history. Only the accumulated history.


Thank you
You will have limited visibility because most traffic is encrypted. You can get some insight by using PIHole for your DNS.
 
Opendns is getting pretty close to a dead solution. Encrypted DNS is in one of the test builds of win10 so "soon" all dns will be encrypted.. Firefox I think turned it on by default "again". There were some bugs but I think the current version has it on. Chrome also supports encrypted DNS but I don't know what the default status is.

You would have to block these services at a ip level. firefox and chrome are using https so you can no longer tell by protocol. All you can do is attempt to block cloudflare and googledns servers, unfortunately those are the most popular dns servers.

All you can realistically even think to do is collect IP addresses and how much traffic. There is no way to 100% for sure know what a IP maps to due to all the hosting.

Pretty much the bad guys (including the ISP) have abused tracking so much that everything is now fully encrypted.
 

nj121

Distinguished
Feb 3, 2010
7
0
18,510
Thank you for your detailed response. So at this point its not easy to track the teenagers browsing history. Ohhh man, I thought I would be able to do it easily with software like PRTG.

One last question: in old time we use to track the history using routers log, can that still work or not possible due to encryption (sorry for the basic question but I am newbie in this topic)
 
The only way you can track stuff is to load software on the client.

The key thing that blocks you is HTTPS. This all started when mr snowden leaked the data that the US government was spying on everyone. This prevents you from seeing the URL.

The ISP and I suspect the government then went to intercepting the DNS so they could to some extent tell what people were up to. Since companies like ATT are complaining real loud about encrypted DNS I suspect it prevents their spying. They were using it to try to place limits on certain types of traffic on their phone data plans.

Now it is technically possible to forge the certificates so you can do man in the middle attacks. This only works when you can load you "fake" server into the list of authorized servers on the client and disable the warning messages. This is really only something a company can do with its corporate machines that they control.

If you want to limit things I would look to parental control software. I used to like a software called K9. It was given away for free by a company that made the bluecoat content filters devices. This company was sold and last I saw k9 was supported by the community. The companies that made these content filter are pretty much out of business because of the encryption.
 
Solution