• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 343
  • Last Modified:

Ras clients and the internet.....

I am using win2000 adv server.
I have RAS dial-up clients that connect to my network
and access the internet from there. This is pretty much the same as an ISP/Customer relationship where the whole purpose of them connecting to my network is to gain access
to the internet. Now here's the catch...I want to be able
to see where my ras clients are going on the internet. I
would like to be able to see the URLs of ALL the sites they visited, Or something similar, Also, maybe even how
much time was spent at each site. Does win2000 adv server
have anything that would contain this info, and if not,
Where can I get some free software to install on my server
that will give me the info I want?

Leave a comment so others can do the same, and I will
accept one of the comments as answer.

Neil D
1 Solution
Windows 2000 does not contain any built in facility for logging this kind of RAS traffic.  What kind of connection does the server have to the Internet?  The firewall or router might be able to provide some of this information in conjunction with Software like Websense.  Another option might be to install ISA server on the 2000 box and allow the proxy to log the traffic.
I don't know of a free product that will do what you want, however Surf Control's SuperScout will do monitoring as well as filtering. I have installed this solution for a number of clients, it is a solid solution, but it is not cheap.
The easiest way to do this is to use a PROXY server.

All access to a particular application would be routed through the server. The server is able to intelligently examine the traffic because it knows what it is.

To a router, gateway or firewall, it is mostly a bunch of packets. To a proxy server, it is a web page being retrieved, or an e-mail being sent, or a telnet session being established.

The Microsoft proxies are not reputed to be very good, and are not included in Win2K Server anyway.

I would recommend doing some serious research into proxies and see if you find one that fits your needs.

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Dcgames - NOTHING is just a "bunch of packets" to a firewall.  The whole point of having a firewall is the inspection of packets and rules based on variables.  There are very few firewalls that won't provide the info he is looking for, as geoffryn said.  I agree that a proxy such as ISA is a possible solution, but like geoffryn said, there are other possibilities.  As to the "good or bad" nature of MS proxies, for this function they are actually quite good in my experience.
cManAuthor Commented:
I am using a Zyxel Prestige 600 series, I believe its the
642 but im not sure. Its the one that has a router, hub
and an adsl connection to my isp. Maybe I can get some info from this??

thx fr all yur help!

Neil D
cManAuthor Commented:
It could be the 643 maybe, it doesnt say on it..

Neil D
scraig84 - I agree I'm over simplifying, but unless you have a fancy firewall with stateful inspection, MOST firewalls deal only with packets, IP addresses and ports.

If you are using NAT, there is some degree of statefulness because "replies" can be tied to the original messages you sent, but NAT does not a firewall make.

cMan / Neil - MS Proxy 2.0 (if you have it) is reputed to be much better than 1.0. I believe it comes with the Backoffice suite.

There are proxies designed for internet connection sharing setups, such as WinGATE, which is loved by some, hated by others.

You'll just have to research a few and decide if any fit your needs.

If your users are pretty much tied to their PCs and the kind of information you need is mostly traffic statistics, you may be able to get something from your firewall, but in my experience that hasn't been the case.


You can always run a sniffer application like tcpdump or ethereal. Both are free and will provide you most everything you're looking for. Set either to filter out everything except ftp/http/pop3/smtp and offload the results to a file and away you go...
cManAuthor Commented:
Thank you Irmoore!!

That was just what I needed, the tcpdump led me to windump
after doing a search..It said tcpdump was for unix based os
only, but provided a link to windump which works great!!

Neil D
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now