Re: How to detect the IPs of users who are using IM and P2P programs

[Mark Blaszczyk <mark () diversit com au>]

Greetings Nabeel,

    You would definitely want to look into ntop, this program is relatively
easy to install, and shows _ALOT_ of information.  It will identify the
abusive internal computers and show what applications they're using.

    http://www.ntop.org/ntop.html

    once compiled+installed, point your Web Browser to
http://example.com:3000/ and away you go.

Kind Regards,

Mark B.

On 29/11/05 2:19 PM, "Maher Odeh" <rax () netvision net il> wrote:

> Hello Nabeel
> You can always use QoS devices such as ALLOT to detect the traffic and analyze
> it in a way to show you P2P / Games / IM and more, but If you
> Wish to use a freeware and such you can use ethereal to sniff the data
> And then to analyze it, to implement ethereal you will need a port monitor
> On a switched network to see all traffic passing in the segment you wish to
> Monitor, if you wish a solution that's not freeware, try Sniffer Pro, there
> are much more tools but those the ones I use.
>
> Thanks
>
>
> -----Original Message-----
> From: Nabeel S. Alzahrani(نبيل الزهراني) [mailto:nalzahrani () gosi gov sa]
> Sent: Tuesday, November 29, 2005 06:37
> To: pen-test () securityfocus com
> Subject: How to detect the IPs of users who are using IM and P2P programs
>
> Dear All,
>
> Is there any tool/method that allow me to detect the IPs of users who are
> using IM (Instant Messaging i.e. MSN messenger, Yahoo messenger, ICQ, etc) and
> P2P (Peer-2-Peer programs such Kazaa) in our network?
>  
> Thanks
>
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website for vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before hackers
> do! 
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
------------------------------------------------------------------------------>
-
>  
>
>
>
>  
>
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website for vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before hackers
> do! 
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
------------------------------------------------------------------------------>
-



------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------