> Basically, what we would like to do is monitor outgoing packets from our
> local domain going out on the internet. Does anyone currently do anything
> like the? Or can someone suggest ways we might monitor such activity?
Yet another way to monitor packets is to use the "tcplogger" and
"extract" programs, which are part of the TAMU (Texas A&M University)
security package.
Running on Suns, tcplogger will log all the tcp packets on your
ethernet, and extract will filter tcplogger output based on things
like source network, destination network, source port and destination
port. Using these tools, it should be simple to log all finger packets
leaving your network for external sites.
It's available for anonymous ftp from sc.tamu.edu:pub/security/TAMU.
Del
---------------------------------------------------------------------
dela @
ee .
rochester .
edu rutgers!ur-valhalla!dela (716)275-5342
Computing and Networking Group, College of Engineering
University of Rochester, Rochester, NY
|
|
