Security Basics mailing list archives
RE: Web logging
From: "Stephane Auger" <stephaneauger () pre2post com>
Date: Wed, 17 Nov 2004 22:05:48 -0500
Hi everyone, Just wanted to thank all of you on your great feedback of this issue. I still haven't made my decision yet, but you've enlightened me on all the different possibilities available. So kudos to everyone! Stephane Auger -----Original Message----- From: Ted Percival [mailto:ted () mrphp com au] Sent: November 12, 2004 9:51 PM To: Stephane Auger Cc: security-basics () securityfocus com Subject: Re: Web logging I recommend Squid (http://www.squid-cache.org/). Its primary use is as a cache for HTTP requests, but by default it logs _all_ requests. You can set it up to work transparently - ie. client machines won't need any special configuration to use it. With a bit more tinkering you can even completely hide it by removing all the headers it adds, although IMO it's best to leave most of them in. As for slowing down the network, it'll only speed it up. The online documentation as well has the inline documentation (in its config file) is very good - special instructions are provided for setting it up as a transparent proxy. As far as monitoring only particular machines/users, you could achieve it by grepping (filtering) the logs, or (I'm not sure) it might even allow you to specify which machines to log requests from. Ted Percival Stephane Auger wrote:
Hi everyone, one of my customers have requested a way to log the web sites that a few employees go to, for an employee review. They don't want to "spy" the client computers, more like installing a sniffer on the network
just
for them. Now, I know all about Snort, but I don't think this kind of tool would do the job. Would anyone know of some kind of "invisible" proxy that would just help me log all HTTP/FTP requests? Also, the
tool
musn't slow down the network considerably, since I've seen that happen before with a few different apps. And I'm open to solutions under Windows, Linux and BSD. Thanks! Stephane Auger
Current thread:
- Web logging, (continued)
- Web logging Stephane Auger (Nov 15)
- Re: Web logging Michael C. McDonnell (Nov 15)
- RE: Web logging Omar Salvador Alcalá Ruiz (Nov 15)
- RE: Web logging ttate (Nov 15)
- RE: Web logging Dante Mercurio (Nov 15)
- RE: Web logging Stephane Auger (Nov 15)
- Re: Web logging Michael C. McDonnell (Nov 15)
- Re: Web logging Ted Percival (Nov 16)
- Re: Web logging Julen C (Nov 16)
- Re: Web logging Temple Tiger (Nov 17)
- RE: Web logging Stephane Auger (Nov 18)
- Web logging Stephane Auger (Nov 15)