RE: Web logging

["Stephane Auger" <stephaneauger () pre2post com>]

I see what you mean, the problem is that our firewalls are routers, and
these don't log the requests going out.  So I'm kind of stumped on that.
As for the few replies I got about a proxy, doesn't that create a
considerable slowdown on the network?
 

Stephane Auger

-----Original Message-----
From: Web Manager [mailto:jburke () aea11 k12 ia us] 
Sent: November 12, 2004 3:32 PM
To: Stephane Auger
Subject: RE: Web logging

Wouldn't this just be processing the firewall logs?  Firewall records
each
outbound request and requestor.  Simply sort by http request to
www.whatever.com and take time/date/IP stamps.  If no firewall, I'd
think
about one.  You could implement smoothwall or some other open source
firewall for little cost.  Packet sniffing seems to be such overkill for
this task.

This seems to be the most efficient course.

Joshua

-----Original Message-----
From: Stephane Auger [mailto:stephaneauger () pre2post com]
Sent: Friday, November 12, 2004 5:36 AM
To: security-basics () securityfocus com
Subject: Web logging


Hi everyone,

  one of my customers have requested a way to log the web sites that a
few employees go to, for an employee review.  They don't want to "spy"
the client computers, more like installing a sniffer on the network just
for them.  Now, I know all about Snort, but I don't think this kind of
tool would do the job.  Would anyone know of some kind of "invisible"
proxy that would just help me log all HTTP/FTP requests?  Also, the tool
musn't slow down the network considerably, since I've seen that happen
before with a few different apps.  And I'm open to solutions under
Windows, Linux and BSD.  Thanks!


Stephane Auger