IDS mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IM & P2P packets

From: Lachlan Bowes <lachlan () silknetworks com>
Date: Sat, 03 Dec 2005 18:42:35 +1100
Probably one of the simplest and cheapest things you could do would be
to sniff data on your network for certain ports. All the P2P software
use unique ports, get a list of say the top20 P2P networks and their
ports and you'll probably the get results you're after. 

If you have an IDS you could configure some signatures to alarm on per
port/per session traffic.

Regards,
        Lachlan

On Tue, 2005-11-29 at 08:06 +0300, ahmad mubarak wrote:

hi all

i am new in infoSec field so my boss asked me to give him
a list of IM and P2P users in our network

i searched the Internet to find any tool to help in this task but no result

so is there any one can help !!! to achieve this task

ideas , tools , procedures will appreciated


thanx

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------





------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: