Firewall Wizards mailing list archives
Re: Traffic Monitoring
From: Paul Dokas <dokas () cs umn edu>
Date: Tue, 6 May 2003 19:44:31 -0500
On Tue, 6 May 2003 09:54:13 +0500, "Zahid Ahmad Khan" <zahid () expertsystems net> wrote:
A research organization has asked me to look at an interesting situation. They are paranoid about pilferage of research work and want to monitor and log all email traffic (Vectors and contents of POP, SMTP & IMAP). They require the following: 1) Log all in and out bound emails (All employees have been duly informed of the fact). 2) Generate email vector logs. 3) Flag and stop any email with unauthorized contents. 4) Only interested in traffic on the WAN and Internet interface (E-1, E-3, OC-3, POS) 5) Do not want to log or see any internal traffic which might be contain sensitive R&D info.
You've got to be kidding. If these are their requirement, then why are they attached to the Internet at all? Email is the moron's file transfer protocol, therefore I suggest that you're only going to catch morons by examining email. Anyone who's serious about stealing information and has half a brain is not going to use the Internet connection at all. They're going to walk out the front door with a CD-R or a couple of floppies. Paul -- Paul Dokas dokas () cs umn edu ====================================================================== Don Juan Matus: "an enigma wrapped in mystery wrapped in a tortilla." _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Traffic Monitoring Zahid Ahmad Khan (May 06)
- Re: Traffic Monitoring Paul Dokas (May 07)
- Re: Traffic Monitoring Paul Robertson (May 07)
- Re: Traffic Monitoring Bill Royds (May 07)
- Re: Traffic Monitoring Rama krishna prasad (May 07)
- Re: Traffic Monitoring Paul Robertson (May 07)
- Re: Traffic Monitoring Devdas Bhagat (May 07)
- <Possible follow-ups>
- Re: Traffic Monitoring Jesse Lep (May 09)
- Re: Traffic Monitoring Paul Dokas (May 07)