Security Basics mailing list archives
Re: Linux or Unix distribution for network sniffing
From: Jonathan Leigh <dantevios () gmail com>
Date: Thu, 24 Jun 2010 10:21:29 -0500
Most Cisco switches and Brocade switches won't even allow you to log "every single packet" going through your network. If your network has too much data going over the wire, just having 1 machine to log all packets will not work. You can't just stick a box anywhere on your network and expect to log all traffic. You have to put it at a bottleneck that either feeds into the main switch or is the main switch itself.

Any Linux distribution can log packets with Wireshark. It really doesn't matter which one you choose.

If your employees are using too much bandwidth and you need to control them, something like IPCop - http://sourceforge.net/apps/trac/ipcop/wiki is a Linux distro that can do this, I believe. A good article on what IPCop does can be found here: https://www.infosecisland.com/blogview/3624-Open-source-All-in-one-Security-Solutions-Part-2.html

"IPCop is another open-source security solution that has been focusing on SOHO users (Small Office, Home Office), and includes everything you need to do packet filtering, IDS / IPS, Web and DNS proxy, DHCP Server / Client, Openswan, OpenVPN, and NTP-server."

"but some people are playing smart trying to use some anonymizers to access restricted websites."

About the only way I can see you defeating employees misusing the internet is to limit their bandwidth. If I were a malicious user and worked at your company, not wanting to follow your policy, I would just VPN out to my own server or tunnel my traffic over SSH so you couldn't see what I was doing.

On Wed, Jun 23, 2010 at 11:50 PM, Arnold Bush <arnoldwbush () gmail com> wrote:
Hristiyan,

IMHO, whether a software sniffer will work or not depends on
1- the line speeds
2- the amount of packet data you want to capture
3- whether you want to process them online or offline

Otherwise, OpenBSD or CentOS might be good OSs to use because they are pretty good as far as security is concerned for a beginner like me.

On Tue, Jun 22, 2010 at 2:12 PM, Hristiyan Lazarov <hristiyan.lazarov () gmail com> wrote:

Hello,

I'm new to this mail list so let's first introduce myself - my name is Hristiyan Lazarov and I'm currently working as an Enterprise Security Specialist for a UK-based company.

I'm looking to implement in our organisation a *NIX-based network sniffer. Basically, I want to trace and record every single packet that is coming to, or going out from, my network. We are working with sensitive information, that's why my employer wants me to record the traffic at least 1 month back. We have a proxy which is dealing with our HTTP traffic but some people are playing smart trying to use some anonymizers to access restricted websites.

Any suggestions would be greatly appreciated.
--
Thank you,
Jon Leigh
==========================================================
Email: Dantevios () gmail com
Website: http://www.dantevios.com
Facebook: http://www.facebook.com/dantevios
Gtalk: Dantevios () gmail com
ICQ: 577683269
AIM: Dantevios
MSN: Dantevios () hotmail com
Yahoo: Dantevios () yahoo com
Skype User: Dantevios
Skype #: 662-524-3653
==========================================================
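
Added example, not part of the original post: the message above describes users sending traffic out over a VPN or an SSH tunnel so that its content cannot be seen. Flow metadata (endpoints, port, duration, volume) is still visible at the capture point, and this Python code flags long-lived, high-volume outbound flows on well-known tunnel ports. The flow record layout, the 10.0.0.0/8 internal range and the thresholds are assumptions, and the sample flows are constructed.

```python
"""Added example: flag long-lived encrypted tunnels in flow records."""
import ipaddress

# Well-known service ports for common tunnel protocols.
TUNNEL_PORTS = {
    ("tcp", 22): "ssh",
    ("udp", 1194): "openvpn",
    ("tcp", 1723): "pptp",
    ("udp", 500): "ipsec-ike",
    ("udp", 4500): "ipsec-nat-t",
}
# Assumed thresholds; tune them against your own traffic baseline.
MIN_SECONDS = 1800
MIN_BYTES = 50 * 1024 * 1024

# Constructed sample flows: src dst proto dport seconds bytes.
SAMPLE_FLOWS = """\
10.0.4.17 203.0.113.50 tcp 22 14400 912000000
10.0.4.17 10.0.9.5 tcp 22 7200 300000000
10.0.4.23 198.51.100.7 tcp 443 9000 800000000
10.0.4.31 198.51.100.99 udp 1194 28800 2100000000
10.0.4.40 203.0.113.8 tcp 22 45 18000
"""

def parse_flows(text):
    """Yield typed tuples from whitespace-separated flow lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 6:
            continue  # skip blank or malformed records
        src, dst, proto, dport, secs, nbytes = parts
        yield src, dst, proto.lower(), int(dport), int(secs), int(nbytes)

def suspected_tunnels(text, internal="10.0.0.0/8"):
    """Return outbound flows on tunnel ports that exceed both thresholds."""
    net = ipaddress.ip_network(internal)
    hits = []
    for src, dst, proto, dport, secs, nbytes in parse_flows(text):
        kind = TUNNEL_PORTS.get((proto, dport))
        outbound = (ipaddress.ip_address(src) in net
                    and ipaddress.ip_address(dst) not in net)
        if kind and outbound and secs >= MIN_SECONDS and nbytes >= MIN_BYTES:
            hits.append((src, dst, kind, secs, nbytes))
    return hits

if __name__ == "__main__":
    for hit in suspected_tunnels(SAMPLE_FLOWS):
        print("possible tunnel: %s -> %s (%s, %ds, %d bytes)" % hit)
```

Port matching is a first-pass heuristic: the internal SSH session, the ordinary HTTPS flow and the short SSH login in the sample are deliberately not reported.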