Greg Brown wrote:
Does anyone know anything that will pull in data on a listening
interface (from a span port on a Cisco, for instance) that will log
traffic to a database then present a break-down of what that person
did, what protocols they used, what websites they visited, etc? Kind
of an intellignet traffic reporter? A watchdog so to speak? Does
anyone know of a linux/bsd package that will do this?
The front-end has to be fairly simple, something a non-techincal
manager can look at and go "holy crap, employee X is visiting
monster.com 450000 times per day, while only hitting the web app they
are supposed to enter data in 10 times a day".
I've never seen a commerical app to do this so I'm having a hard time
saying "just like product X, only linux-based and free".
Any ideas?
Greg
Check out nessus. I believe this tool is supposed to do this. PHLAK is a
CD distro that can help as well.
--
TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
TriLUG Organizational FAQ : http://trilug.org/faq/
TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
