Greg Brown wrote:
Does anyone know anything that will pull in data on a listening
interface (from a span port on a Cisco, for instance) that will log
traffic to a database then present a break-down of what that person
did, what protocols they used, what websites they visited, etc? Kind
of an intelligent traffic reporter? A watchdog so to speak? Does
anyone know of a linux/bsd package that will do this?
The front-end has to be fairly simple, something a non-technical
manager can look at and go "holy crap, employee X is visiting
monster.com 450000 times per day, while only hitting the web app they
are supposed to enter data in 10 times a day".
I've never seen a commercial app to do this so I'm having a hard time
saying "just like product X, only linux-based and free".
Any ideas?
Greg
http://ntop.ethereal.com/ntop.html
Just be careful to exclude your workstation from the span, so as not to
expose your pr0n traffic to your boss's sudden keen insight into traffic
flows through ntop. It's not perfect, but it's pretty nice for
relatively small environments.
Aaron S. Joyner
--
TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug