Security Basics mailing list archives
Re: Investigation- Web pages visited
From: "Bryan S. Sampsel" <bsampsel () libertyactivist org>
Date: Wed, 2 Nov 2005 13:52:43 -0700 (MST)
Set up Ethereal and have it sniff for that site...you should be able to dissect the traffic from there and get your information. The other option would be to set up a web proxy and switch everyone over to it, have it log web usage, and sift through the logs. Not my idea of fun, but hey. The Ethereal (or Sniffer) solution is much more targeted on a suspected problem and less of a shotgun approach. Sincerely, Bryan S. Sampsel LibertyActivist.org Steve Barron wrote:
Hi I am trying to investigate some possible corporate policy violations, mostly involving porn. My IDS matches rules for certain criteria and looks for banned words in html. When I get the ip, i can query it, but most of the time I get info about a hosting provider. When I attempt to access the ip http://155.X.X.X i get either some generic page or a 404 error. Is there any way to find out what sites are hosted at a given IP? My logs have not been much help for this. Thanks Steve
Current thread:
- Investigation- Web pages visited Steve Barron (Nov 02)
- Re: Investigation- Web pages visited Bryan S. Sampsel (Nov 03)
- Re: Investigation- Web pages visited Saqib Ali (Nov 03)
- Re: Investigation- Web pages visited Brian Loe (Nov 03)
- RE: Investigation- Web pages visited David Gillett (Nov 03)
- Re: Investigation- Web pages visited Austin Murkland (Nov 04)
- Re: Investigation- Web pages visited Mark Owen (Nov 07)