log_messenger
Hi, i´m new around here and i´m looking for help.
I have a debian firewall for my local company, it has at all 12 people working here. I want to make a log of all the information that go through the messenger. I want to see the ip machines and users that use the Messenger..to keep that information in some way, to see th trafic for that port. How can I do that? Where will my log file stored? Thanks for your help. |
You can use a program like snort
|
Ok, thanks for your help, but I use IPTABLES in my firewall and I want to keep in that way.
So I want to see the traffic information though messsenger port using iptables. Any suggestion? Please, if someone knows anything about this give me a tip. Thanks a lot |
Iptables and Snort are two completely different entities that can be used together (iptables is a packet filter while Snort is a intrusion detection system).
If you just want to monitor a certain subset of traffic, either a certain protocol or from a specific host, try tcpdump/ethereal. There are also protocol-specifc sniffers like AIMSniff and dsniff. Also remember that in certain countries it's illegal to monitor employees internet transmissions without prior notification. |
I don´t want to monitor, i just want to see the ip addres machines that access to the messenger, when, how many times, etc..., i ask then to use jabber the internal networking "messenger" but they still use the messenger to talk with friend. So i only want to report those events for the Microsoft Messenger, just that, and keep it in a log file.
I need a explicit help in this issue please. And one more question: how i choose the file to log those events? Thanks! |
All times are GMT -5. The time now is 04:10 AM. |