Ras clients and the internet.....

I am using win2000 adv server.
I have RAS dial-up clients that connect to my network
and access the internet from there. This is pretty much the same as an ISP/Customer relationship where the whole purpose of them connecting to my network is to gain access
to the internet. Now here's the catch...I want to be able
to see where my ras clients are going on the internet. I
would like to be able to see the URLs of ALL the sites they visited, Or something similar, Also, maybe even how
much time was spent at each site. Does win2000 adv server
have anything that would contain this info, and if not,
Where can I get some free software to install on my server
that will give me the info I want?

PLEASE DO NOT LOCK THIS QUESTION BY PROPOSING ANSWER!!
Leave a comment so others can do the same, and I will
accept one of the comments as answer.

Neil D
cManAsked:
Who is Participating?
 
lrmooreConnect With a Mentor Commented:
You can always run a sniffer application like tcpdump or ethereal. Both are free and will provide you most everything you're looking for. Set either to filter out everything except ftp/http/pop3/smtp and offload the results to a file and away you go...
0
 
geoffrynCommented:
Windows 2000 does not contain any built in facility for logging this kind of RAS traffic.  What kind of connection does the server have to the Internet?  The firewall or router might be able to provide some of this information in conjunction with Software like Websense.  Another option might be to install ISA server on the 2000 box and allow the proxy to log the traffic.
0
 
SimTekSystemsCommented:
I don't know of a free product that will do what you want, however Surf Control's SuperScout will do monitoring as well as filtering. I have installed this solution for a number of clients, it is a solid solution, but it is not cheap.
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
dcgamesCommented:
The easiest way to do this is to use a PROXY server.

All access to a particular application would be routed through the server. The server is able to intelligently examine the traffic because it knows what it is.

To a router, gateway or firewall, it is mostly a bunch of packets. To a proxy server, it is a web page being retrieved, or an e-mail being sent, or a telnet session being established.

The Microsoft proxies are not reputed to be very good, and are not included in Win2K Server anyway.

I would recommend doing some serious research into proxies and see if you find one that fits your needs.

Dave
0
 
scraig84Commented:
Dcgames - NOTHING is just a "bunch of packets" to a firewall.  The whole point of having a firewall is the inspection of packets and rules based on variables.  There are very few firewalls that won't provide the info he is looking for, as geoffryn said.  I agree that a proxy such as ISA is a possible solution, but like geoffryn said, there are other possibilities.  As to the "good or bad" nature of MS proxies, for this function they are actually quite good in my experience.
0
 
cManAuthor Commented:
I am using a Zyxel Prestige 600 series, I believe its the
642 but im not sure. Its the one that has a router, hub
and an adsl connection to my isp. Maybe I can get some info from this??

thx fr all yur help!

Neil D
0
 
cManAuthor Commented:
It could be the 643 maybe, it doesnt say on it..

Neil D
0
 
dcgamesCommented:
scraig84 - I agree I'm over simplifying, but unless you have a fancy firewall with stateful inspection, MOST firewalls deal only with packets, IP addresses and ports.

If you are using NAT, there is some degree of statefulness because "replies" can be tied to the original messages you sent, but NAT does not a firewall make.

cMan / Neil - MS Proxy 2.0 (if you have it) is reputed to be much better than 1.0. I believe it comes with the Backoffice suite.

There are proxies designed for internet connection sharing setups, such as WinGATE, which is loved by some, hated by others.

You'll just have to research a few and decide if any fit your needs.

If your users are pretty much tied to their PCs and the kind of information you need is mostly traffic statistics, you may be able to get something from your firewall, but in my experience that hasn't been the case.

Dave

0
 
cManAuthor Commented:
Thank you Irmoore!!

That was just what I needed, the tcpdump led me to windump
after doing a search..It said tcpdump was for unix based os
only, but provided a link to windump which works great!!

Neil D
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.