Security Basics mailing list archives

RE: monitor traffic on host

From: "Sentissi, Mohamed (Simo)" <msentissi () rightnow com>
Date: Tue, 18 Sep 2007 12:14:03 -0600

How about you just span only this guy port from the switch ?

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Kelly Keeton
Sent: Friday, September 14, 2007 8:41 PM
To: security-basics () securityfocus com
Subject: monitor traffic on host

I have a issue where I have been asked to monitor all web traffic on a
employee. I need to as quick as possible set up a transparent device
that will monitor and log all web traffic in the clear. anything sent
or rx over the network. ideally it would also monitor smtp, ft, etc. i
need real time reporting so tcpdump wont work, snort also i dont think
is the correct answer. is there any "prebuilt" knoppix or vm-appliance
that will accomplish this?

Current thread:

monitor traffic on host Kelly Keeton (Sep 18)
- RE: monitor traffic on host Weir, Jason (Sep 18)
- RE: monitor traffic on host TVB NOC (Sep 18)
- RE: monitor traffic on host Sentissi, Mohamed (Simo) (Sep 18)
- Re: monitor traffic on host Steven Hollingsworth (Sep 18)
- Re: monitor traffic on host Kurt Buff (Sep 18)
- <Possible follow-ups>
- Re: monitor traffic on host network_intern (Sep 18)