Solved

Internet Loggin

Posted on 2004-03-29
6
322 Views
Last Modified: 2009-09-15
Good Day
I need to track internet useage and be able to tie it down to the user
Any prorams that i can make use off?
My firewall's logs doesn't have enough information
any idea's?
0
Comment
Question by:AlexBrone
6 Comments
 
LVL 4

Expert Comment

by:hawgpig
ID: 10705508
Alex,
    Try these two freewares...they both must be put on the computer that you want to track...

http://www.snapfiles.com/download/dltracksrevealer.html

http://www.snapfiles.com/download/dlinternetspy.html

CISCO PIX will do what you are looking to do through syslogs...
and you can filter per IP address....
But if you are going to do this make sure the subject you are tracking has a static IP address and is not DHCP served....
Good Luck
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 10705922
You might try something like the iPrism appliance, or WebSense

http://www.stbernard.com
http://www.Websense.com

You have to be very careful when "spying" on users. They must be made aware that it is/could be happening and given clear do's and don'ts beforehand.

0
 
LVL 5

Expert Comment

by:visioneer
ID: 10708246
For just tracking, as well as filtering, www.surfcontrol.com is a good (albeit expensive) choice.
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 1

Accepted Solution

by:
steff66 earned 500 total points
ID: 10711838
Why not use the logg after all. We do.
You have to make loggs to a logg server. And in the config of pix you can make
exclusions så you don´t logg to much. Then you can just make searches to
what xlates.

ex on pix exclusions that will give U a good start in finding user specific info for xlate
translations. This might not help U. You have to know what ips the User have on the inside.


no logging message 602102                        
no logging message 602101                        
no logging message 109001                        
no logging message 603107                        
no logging message 109003                        
no logging message 603106                        
no logging message 109002                        
no logging message 603105                        
no logging message 109005                        
no logging message 603104                        
no logging message 611303                        
no logging message 109007                        
no logging message 611302                        
no logging message 109006                        
no logging message 611301                        
no logging message 603109                        
no logging message 603108                        
no logging message 611307                        
no logging message 611306                        
no logging message 611305                        
no logging message 611304                        
no logging message 611311                        
no logging message 611310                        
no logging message 315011                        
no logging message 611309                        
no logging message 611308                        
no logging message 311004                        
no logging message 311002                        
no logging message 311003                        
no logging message 106014                        
no logging message 109009                        
no logging message 106015                        
no logging message 311001                        
no logging message 109008                        
no logging message 613002                        
no logging message 613003                        
no logging message 106011                        
no logging message 613001                        
no logging message 603103                        
no logging message 109015                        
no logging message 603102                        
no logging message 106006                        
no logging message 603101                        
no logging message 106007                        
no logging message 314001                        
no logging message 604103                        
no logging message 106001                        
no logging message 604102                        
no logging message 604101                        
no logging message 403500                        
no logging message 604104                        
no logging message 606002                        
no logging message 606001                        
no logging message 308001                        
no logging message 106021                        
no logging message 199002                        
no logging message 199005                        
no logging message 305007                        
no logging message 309002                        
no logging message 305010                        
no logging message 614002                        
no logging message 614001                        
no logging message 210022                        
no logging message 608001                        
no logging message 303002                        
no logging message 607001                        
no logging message 611102                        
no logging message 611101                        
no logging message 610101                        
no logging message 302010                        
no logging message 302009                        
no logging message 302015                        
no logging message 302014                        
no logging message 302013                        
no logging message 602301                        
no logging message 602302                        
no logging message 302003                        
no logging message 110001                        
no logging message 312001                        
no logging message 304001                        
no logging message 304004                        
no logging message 302004                        
no logging message 609002                        
no logging message 609001                        
no logging message 302016                        
0
 
LVL 4

Expert Comment

by:hawgpig
ID: 10713770
lrmoore is correct when he sayes you should let the subject know......
but this should already be done it your IT security policy that EVERYONE IN THE COMPANY SHOULD HAVE SIGNED....
Spy ware is not an issue at that point......
0
 
LVL 8

Expert Comment

by:smeek
ID: 10714279
It is not free, but that is pretty much what Websense and SurfControl were designed for.

I have set up WebSense and it can prevent users from connecting, limit the time the users connect or just track the sites the users connect to.  It can do all of these by category.  They have a Universal Integration document that helps you configure with a PIX.

It can just log the info, but it also has a real-time utility that lets you watch users traffic.  You can sort by top users and other stuff.

Steve
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now