Security Basics mailing list archives
RE: monitor traffic on host
From: "Weir, Jason" <jason.weir () nhrs org>
Date: Tue, 18 Sep 2007 14:16:46 -0400
Not sure of your network topology but replicate their switch port\use a hub or build a tap and use Wireshark (Ethereal) http://www.wireshark.org/. -J -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Kelly Keeton Sent: Friday, September 14, 2007 10:41 PM To: security-basics () securityfocus com Subject: monitor traffic on host I have a issue where I have been asked to monitor all web traffic on a employee. I need to as quick as possible set up a transparent device that will monitor and log all web traffic in the clear. anything sent or rx over the network. ideally it would also monitor smtp, ft, etc. i need real time reporting so tcpdump wont work, snort also i dont think is the correct answer. is there any "prebuilt" knoppix or vm-appliance that will accomplish this?
Current thread:
- monitor traffic on host Kelly Keeton (Sep 18)
- RE: monitor traffic on host Weir, Jason (Sep 18)
- RE: monitor traffic on host TVB NOC (Sep 18)
- RE: monitor traffic on host Sentissi, Mohamed (Simo) (Sep 18)
- Re: monitor traffic on host Steven Hollingsworth (Sep 18)
- Re: monitor traffic on host Kurt Buff (Sep 18)
- <Possible follow-ups>
- Re: monitor traffic on host network_intern (Sep 18)