Security Basics mailing list archives
Re: Web logging
From: Ted Percival <ted () mrphp com au>
Date: Sat, 13 Nov 2004 12:50:49 +1000
I recommend Squid (http://www.squid-cache.org/). Its primary use is as a cache for HTTP requests, but by default it logs _all_ requests. You can set it up to work transparently - ie. client machines won't need any special configuration to use it. With a bit more tinkering you can even completely hide it by removing all the headers it adds, although IMO it's best to leave most of them in.
As for slowing down the network, it'll only speed it up. The online documentation as well has the inline documentation (in its config file) is very good - special instructions are provided for setting it up as a transparent proxy.
As far as monitoring only particular machines/users, you could achieve it by grepping (filtering) the logs, or (I'm not sure) it might even allow you to specify which machines to log requests from.
Ted Percival Stephane Auger wrote:
Hi everyone, one of my customers have requested a way to log the web sites that a few employees go to, for an employee review. They don't want to "spy" the client computers, more like installing a sniffer on the network just for them. Now, I know all about Snort, but I don't think this kind of tool would do the job. Would anyone know of some kind of "invisible" proxy that would just help me log all HTTP/FTP requests? Also, the tool musn't slow down the network considerably, since I've seen that happen before with a few different apps. And I'm open to solutions under Windows, Linux and BSD. Thanks!Stephane Auger
Current thread:
- Web logging Stephane Auger (Nov 12)
- Re: Web logging Anthony J. Cogan (Nov 15)
- Re: Web logging Josh Nerius (Nov 15)
- Re: Web logging Ted Percival (Nov 15)
- Re: Web logging K. K. Mookhey (Nov 16)
- <Possible follow-ups>
- Re: Web logging Web Manager (Nov 15)
- Web logging Stephane Auger (Nov 15)
- Re: Web logging Michael C. McDonnell (Nov 15)
- RE: Web logging Omar Salvador Alcalá Ruiz (Nov 15)
- RE: Web logging ttate (Nov 15)
- RE: Web logging Dante Mercurio (Nov 15)
- RE: Web logging Stephane Auger (Nov 15)
- Re: Web logging Michael C. McDonnell (Nov 15)
- Re: Web logging Ted Percival (Nov 16)
(Thread continues...)