Security Basics mailing list archives

RE: Monitoring office web use

From: "Steve Anderson" <steve.anderson () bipcontracts com>
Date: Thu, 30 Jan 2003 17:20:58 -0000

One way you could do it, is to run squid as a proxy. (as well as
blocking all outbound to port 80 traffic, that isn't from the proxy)

That way, you can restrict the access (with black lists), reduce the
usage of your connection (because of caching) , and monitor peoples
access (from the squid logs)

Might not be pretty, but it's a good way of doing it, and has the
advantage of being a free open source application. Also means you don't
have to span any ports, or stick a hub in just before the firewall.


Steve Anderson

-----Original Message-----
From: Sedat DOGRU [mailto:sdogru () blue-tec net] 
Sent: 30 January 2003 16:09
To: security-basics () securityfocus com
Subject: Monitoring office web use

Hi,

We are searching some (preferrably free source or at most 
cheap) tools 
that can be used to monitor internet usage. The tool should 
be able to 
runon linux, directly on the command line or as a deamon.The 
tool should 
provide us the DNS names of the hosts that are connected to together 
with the connection times.

I have done a search on google but could not find only some advanced 
(and probably expensive) tools.

I've found that with extra scripting effort tcpdump, snort or tcpflow 
can be made do the work, but I want to first find an easier solution

If you know any tools, please let me know

Thanks in advance,

-- 
Sedat Dogru




****************************************************************************
This e-mail (and any attachment) is intended only for the attention
of the addressee(s). Its unauthorised use, disclosure, storage
or copying is not permitted. If you are not the intended recipient,
please destroy all copies and inform the sender by return e-mail. 
This e-mail (whether you are the sender or the recipient) may be 
monitored, recorded and retained by Business Information 
Publications Limited (BiP). E-mail monitoring/ blocking software 
may be used, and e-mail content may be read at any time.You 
have a responsibility to ensure laws are not broken when composing 
or forwarding e-mails and their contents.
****************************************************************************

Current thread:

RE: Monitoring office web use Hunt, Jim (Jan 31)
- <Possible follow-ups>
- Monitoring office web use Sedat DOĞRU (Jan 31)
  - RE: Monitoring office web use Steve Anderson (Jan 31)
  - RE: Monitoring office web use Burton M. Strauss III (Jan 31)
  - Re: Monitoring office web use Valter Santos (Jan 31)
  - RE: Monitoring office web use David Lubowa (Jan 31)
  - Re: Monitoring office web use Mike Robinson (Jan 31)