Solved

TMG 2010 SSH traffic monitor

Posted on 2010-08-23
5
1,586 Views
Last Modified: 2013-11-16
Hello..

Is there a way to monitor SSH traffic on TMG 2010 server.

what I want to is to save a daily report contains only information about SSH traffic ( inbound and outbound).

Thanks in advance.
0
Comment
Question by:Suliman Abu Kharroub
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 500 total points
ID: 33569907
No different to any other report based upon a protocol.
Edit the filter within the gui and change the time from live to past 24 hours, and the protocol to port 22. Run the query - copy the result to the clipboard and paste into Excel.

Keith
0
 
LVL 23

Author Comment

by:Suliman Abu Kharroub
ID: 33570287
Thank you so much for you response.

where can i determine the port number or a protocol please ?

TMG-report.JPG
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 33570464
SSH uses TCP port 22
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 33570507
What you have attached are the reports options - use the other tab

Gui - Logs & reports - (logs tab at the top)
Edit the filter by right-clicking the main window and selecting edit filrter.
Change the time from live to past 24 hours, and the protocol to TCP port 22.
Run the query - copy the result to the clipboard and paste into Excel.
0
 
LVL 23

Author Comment

by:Suliman Abu Kharroub
ID: 33572595
Thanks a lot for your help.

I cant run a Query, but i believe this problem  should be in anther question:

http://www.experts-exchange.com/Microsoft/Windows_Security/Q_26443024.html
0

Featured Post

IoT Devices - Fast, Cheap or Secure…Pick Two

The IoT market is growing at a rapid pace and manufacturers are under pressure to quickly provide new products. Can you be sure that your devices do what they're supposed to do, while still being secure?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
In Africa (and potentially where you live…), reliability of ISPs is questionable.  With the increased reliance on e-mail as one of the primary forms of communication, the costs to business are significant based on interuption of ISP Connectivity.  T…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question