Security Basics mailing list archives
RE: Linux or Unix distribution for network sniffing
From: Elliot van Gisteren <evangisteren () ssi-solutions com>
Date: Thu, 24 Jun 2010 10:38:48 -0600
Get a switch that can mirror ports, mirror the port going to out of your network (gateway port) and throw a traffic sniffer on it (wireshark, tcpdump) and constantly log, if you really want. But really this is no complete solution. What you really want to do is lock down your network via outbound (from internal) ACLs and user restrictions on the workstations themselves (limit OS functionality). If the employee's can't be trusted then take away their luxuries until they fall in line. -Elliot -----Original Message----- From: Hristiyan Lazarov [mailto:hristiyan.lazarov () gmail com] Sent: Tuesday, June 22, 2010 3:13 AM To: security-basics () securityfocus com Subject: Linux or Unix distribution for network sniffing Hello, I'm new to this mail list so lets first introduce myself - my name is Hristiyan Lazarov and I'm currently working as an Enterprise Security Specialist for a UK based company. I'm looking to implement in our organisation *NIX based network sniffer. Basically, I want to trace and record every single packet that is coming to, or going out from my network. We are working with sensitive information, that's why my employer want me to record the traffic at least 1 month back. We have a proxy which is dealing with our HTTP traffic but some people are playing smart trying to use some anonymizers to access restricted websites. Any suggestions would be greatly appreciated. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: Linux or Unix distribution for network sniffing, (continued)
- Re: Linux or Unix distribution for network sniffing John Morrison (Jun 25)
- Re: Linux or Unix distribution for network sniffing Bitu (Jun 28)
- Message not available
- Re: Linux or Unix distribution for network sniffing John Morrison (Jun 28)
- Re: Linux or Unix distribution for network sniffing Enrico (Jun 29)
- RE: Linux or Unix distribution for network sniffing Lauren Twele (Jun 24)
- Re: Linux or Unix distribution for network sniffing Zhu Sha Zang (Jun 25)
- Re: Linux or Unix distribution for network sniffing Bitu (Jun 28)
- Re: Linux or Unix distribution for network sniffing Jonathan Leigh (Jun 24)