Re: Re: Computer forensics to uncover illegal internet use

[jbreci () removethis unomaha edu]

I will agree with waiting to do anything to the PC itself, as the chain of evidence needs to be preserved.  I would not 
attempt to do this myself, as I know that my knowledge in computer forensics is still at its infancy stage.  Definitely 
get the local authorities involved.

However, that should not stop you from looking at any proxy logs, firewall logs or other network logs that you may 
have.  Hopefully, if you are using a proxy, people have been backing those up and you have copies of those.  The other 
logs, depending on how long ago this occurred, may or may not be around.  Thus, if it was some time ago, your network 
people may be right in stating that they do not have any information for you.

Viewing the logs of sites visited will not get you in trouble...however, if you get on the PC, recover files and look 
at those try to find evidence - that is another story all together.