Jeff-
Some ideas that might work:
1. Use netflow and one of the free tools (like flowscan & rrd tool).
Check caida.org
2. Webtrends Firewall suite (this is probably the best app for you, as
it has tons of reports, but it can be pricey)
3. Use an IDS system that captures all the packets, then write your own
code to parse them.
4. Websense in conjunction with your firewall.
What you should look at for a tool depends on the exact requirements of
what you need to do. Do you want to capture all traffic, or just web
traffic? FTP? Outbound email? Just the port usage through the router? Is
knowing where people are going important, or just what they are doing?
Are you concerned more about inbound traffic from the Internet, or
traffic outbound?
All of these questions will help you to decide what you want to capture,
and should help you with selecting a tool for the job.
Good luck.
Andras
-----Original Message-----
From: cisco skin [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, August 28, 2001 12:04 PM
To: [EMAIL PROTECTED]
Subject: Logging traffic [7:17559]
Here's what I want to do:
Log all traffic (source/destination ip address/port #) from a specific
subnet (our HQ) to see what's passing through our external router, and
where
they're going.
Any suggestions?
Thanks,
Jeff
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=17672&t=17559
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
