Re: [gentoo-user] Network Monitoring
Hi, On Wed, 17 Oct 2007 10:38:10 -0400 James Colby [EMAIL PROTECTED] wrote: I am looking for some advice. We have a user on our network that we belive may be making inappropriate forum posts, violating our TOS for internet usage. I am looking for some recommendations of software that I can install on Gentoo server to help us monitor these posts. Can anyone recommend a proxy package that could help me to monitor this. I would prefer to do this transparently but we do have access to configure a proxies on the users browser. Is this something that Squid can do? You won't get HTTPS traffic without spoofing certificates, which might not get trough unnoticed. But HTTP is just plain text, so probably you can just run $ tcpdump -w - -i ethN -s 1600 port 80 and src 192.168.your.enemy | tee fulldump | strings for one or two days and be done with it. Note that the traffic you're interested in the most is outgoing traffic (HTTP POST) if you're looking for offensive communication originating from that user. Of course, all of this is probably illegal if that user hasn't agreed on monitoring measures (which means you'll probably not be able to use it as a proof before court) -- and even that might be prevented by local law. Also have a look at the dsniff package, especially at urlsnarf. But this would just give you the URLs... -hwh -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Network Monitoring
On Wed, Oct 17, 2007 at 04:57:54PM +0200, Uwe Thiem wrote: I have no recommendation but would like to remind you of one thing: What you are trying to achieve is a serious breach of privacy. All users of this network are made aware of the Acceptable use policy of this network, and understand that we have reserved the right to monitor this network to ensure compliance with that policy. Until now we have not felt the need for monitoring, but certain violations have been brought to out attention, and we feel as though we need to do something about it. -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Network Monitoring
On Wednesday 17 October 2007, Tapio Raevaara wrote: Network monitoring can be interpreted in many different ways, are you sure your users realize what that really means? Unless you've already done so, it might be a good idea to send a message reminding of the policy to all users, mention that a single user has been violating that policy, and that if this will not stop immediately, you'll be forced to start monitoring the traffic. I'd go further than that, I would be more specific regarding the way in which that user violated the policy: e.g. used company IT equipment to access 'such such' type of website in company time. In my company, 'social networking websites' like myface, youtube and what not, are out of bounds. Ditto for ebay - employees were spending far too much time browsing deals on ebay. Also, what are the implications of violating the policy - speak to your HR department first and reiterate these in the same message; e.g. porn may be instant dismissal, but ebay may just result in a disciplinary hearing. Then check that (s)he (and others) don't just use anonymouse to get to their preferred websites . . . -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Network Monitoring (graphical web app)
Haven't tried it, but it seems to be worth a look, so I would add http://www.zabbix.com/ 2005/8/3, Michael Crute [EMAIL PROTECTED]: I use Nagios and Cacti with much success. http://www.nagios.org/ http://www.cacti.net/ -Mike On 8/3/05, Chris Frederick [EMAIL PROTECTED] wrote: Hi all, I've been looking for a monitoring app that I can run on my server/gateway. The more graphical the better, I really like the looks of the graphs from ipac and grapher. But I'd like to get more details than just total interface statistics. I'd like to be able to see a graph for the total, but also a few extra graphs for watching specific ports (21, 22, 25, 80, 443, etc...). Being able to monitor procs, specific procs, and memory and stuff would be nice, but I can get that from other apps if needed. Any suggestions/recommendations? Thanks all, Chris Frederick -- gentoo-user@gentoo.org mailing list -- Michael E. Crute Software Developer SoftGroup Development Corporation In a world without walls and fences, who needs windows and gates? -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Network Monitoring (graphical web app)
On Wed, 3 Aug 2005, Michael Crute wrote: I use Nagios and Cacti with much success. http://www.nagios.org/ http://www.cacti.net/ -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Network Monitoring (graphical web app)
On Wed, 3 Aug 2005, Chris Frederick wrote: I've been looking for a monitoring app that I can run on my server/gateway. The more graphical the better, I really like the looks of the graphs from ipac and grapher. But I'd like to get more details than just total interface statistics. I'd like to be able to see a graph for the total, but also a few extra graphs for watching specific ports (21, 22, 25, 80, 443, etc...). Being able to monitor procs, specific procs, and memory and stuff would be nice, but I can get that from other apps if needed. Any suggestions/recommendations? ntop ? -- -- gentoo-user@gentoo.org mailing list
