?
Solved

Packet tracking

Posted on 1997-09-01
2
Medium Priority
?
219 Views
Last Modified: 2010-03-18
Hello,
I recently set up a network where I have several win95 machines being masqueraded behind a linux box router/firewall. Whell there isn't a firewall installed. i just turned off all the services and have packet filering in place.
My question is, is there a way to keep track of what the users are doing? See, big brither wants to make sure that the eomployees are not abusing their privileges on the net by wasting time on some IRC port, or browsing web sites that they shoudn't be watching. Or playing net doom etc.
I know that FWTK has this feature but I don't think I want to try to install the a firewall. I don;t really need it!
As the system is now, you can't log into the fireewall unless you are at the keyboard plugged into the box itself. And since the intranet si using 192.168 class, there really isn't a way an outsider could access them... Right?
Thanks for your help
Marcelo
0
Comment
Question by:sinner052397
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 3

Accepted Solution

by:
sauron earned 200 total points
ID: 1586396
Well, you can add the -o option to the end of some of your firewall rules, which will cause packets matching those rules to be logged via syslog, but this has a few disadvantages. It it pretty inflexible, so if you wanted to log traffic to 10 different IP's, you'd need 10 firewall rules :-(. It also logs a message for each packet, so be prepared for very large log files indeed. To make use of the information, you'd probably need a Perl script of something to filter out the garbage, and give you sensible information.

If you want something better, you could go to:-

http://reptile.rug.ac.be/~coder/sniffit/sniffit.html

and pick up the Sniffit package. This will do logging if you set it up right, and does loads of other things to. You may want to keep this away from your users - its potential for abuse is almost unlimited....
0
 

Author Comment

by:sinner052397
ID: 1586397
Thank you for the quick reply--faster than newsgroups :-)
0

Featured Post

Command Line Tips and Tricks

The command line is a powerful tool at the disposal of every Linux user. Although Linux distros come with beautiful user interfaces, it's worthwhile to learn the command line because it allows you to do a number of things that you otherwise cannot do from the GUI.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question