Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: How to detect the IPs of users who are using IM and P2P programs

From: Murali Raju <protocoljunkie () gmail com>
Date: Tue, 29 Nov 2005 09:28:55 -0500
Analysis should not stop or even start with just a protocol anaylzer
(say Ethereal). You can apply NSM (Network Security Monitoring)
principles using a reference implementation like SGUIL
(http://www.sguil.net) for a more robust architecture. To get an idea
/ example take a look at Structured Traffic Analysis available as a
PDF here:

http://www.insecuremagazine.com/INSECURE-Mag-4.pdf

and NSM

http://www.taosecurity.com/nsm_ws_aost.pdf


Cheers,

_Raju

On 11/28/05, Nabeel S. Alzahrani(نبيل الزهراني) <nalzahrani () gosi gov sa> wrote:

Dear All,

Is there any tool/method that allow me to detect the IPs of users who are using IM (Instant Messaging i.e. MSN 
messenger, Yahoo messenger, ICQ, etc) and P2P (Peer-2-Peer programs such Kazaa) in our network?

Thanks


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------





--
May the packets be with you.
Previous By Date Next
Previous By Thread Next

Current thread: