[TriLUG] kinda a sniffer, kinda a snort, kinda weird
Roy Vestal
rvestal at trilug.org
Fri Aug 26 11:43:08 EDT 2005
Greg Brown wrote:
>Does anyone know anything that will pull in data on a listening
>interface (from a span port on a Cisco, for instance) that will log
>traffic to a database then present a break-down of what that person
>did, what protocols they used, what websites they visited, etc? Kind
>of an intellignet traffic reporter? A watchdog so to speak? Does
>anyone know of a linux/bsd package that will do this?
>
>The front-end has to be fairly simple, something a non-techincal
>manager can look at and go "holy crap, employee X is visiting
>monster.com 450000 times per day, while only hitting the web app they
>are supposed to enter data in 10 times a day".
>
>I've never seen a commerical app to do this so I'm having a hard time
>saying "just like product X, only linux-based and free".
>
>Any ideas?
>
>Greg
>
>
Check out nessus. I believe this tool is supposed to do this. PHLAK is a
CD distro that can help as well.
More information about the TriLUG
mailing list