[sllug-members]: Transparent Proxy Log Files

Corey Edwards tensai at zmonkey.org
Mon Nov 13 22:05:37 MST 2006


On Mon, 2006-11-13 at 20:48 -0700, Allen Parker wrote:
> On 11/13/06, raven <raven at kekeke.org> wrote:
> > Knight Walker wrote:
> > >
> > > I myself am interested in something that can keep track of IMs, to keep
> > > the teenager honest, but I haven't found anything yet.  I've heard of
> > > something for AIM, but he doesn't use that, so it's no help for me.
> > >
> > > -KW
> > >
> >
> > Well, if you really want to do some snooping you could always install
> > ethereal on the NAT / proxy box.  I haven't checked to see how well it
> > runs on the command line; I normally use it on Windows.  I'm building it
> > now, and I'll report back.
> >
> > www.ethereal.com
> 
> I find that tcpdump is more than adequate for most things (uses pcap,
> doesn't require X11), ethereal (or whatever the hell it's called
> nowadays) is actually quite a bit heavier than tcpdump, but both will
> fill a disk rather quickly.

You might want to check out ntop which is a daemonized tcpdump plus so
much more. Don't try to run it on a 27mbps DS3 using just a 128MB P3
800MHz. The server will not appreciate you. On smaller links it works
great and will give you all sorts of juicy details.

My other suggestion is to look for a SOCKS proxy. This is what really
anal corporate IT departments deploy. It does require a configuration
change on the client because *all* traffic is forced through the proxy.
Heavy-handed, but quite complete. Apt tells me there is one named Dante,
but I haven't ever personally run one.

Corey
