On Tue, 22 Mar 2005, John Cole wrote:
> I'm not as interested in blocking as I am in reporting.
If you only want reporting of who goes where when then sniffing the
traffic with a URL sniffer will quite likely do fine.
Some interesting sniffers for looking at web traffic flying by:
ntop - lots of graphs, usage reports etc in general about the IP
traffic seen.
<url:http://www.ntop.org>
driftnet - show the images or MPEGs is being viewed by your users right
now
<url:http://www.ex-parrot.com/~chris/driftnet/>
dsniff - What urls, files emails etc is being seen on the wire?
<url:http://www.monkey.org/~dugsong/dsniff/>
ngrep - grep on your network traffic
<url:http://ngrep.sourceforge.net/>
ssldump - analyze (and decode if yours) SSL traffic
This is just a small collection of the sniffing tools I have found useful
over the years, apart from the pure packet sniffers like tcpdump or
ethereal. A more comprehensive list can be found here:
<url:http://www.stearns.org/doc/pcap-apps.html>
Regards
Henrik
Received on Tue Mar 22 2005 - 15:13:03 MST
This archive was generated by hypermail pre-2.1.9 : Fri Apr 01 2005 - 12:00:02 MST