log_messenger
 

Hi, i´m new around here and i´m looking for help.
I have a debian firewall for my local company, it has at all 12 people working here.
I want to make a log of all the information that go through the messenger. I want to see the ip machines and users that use the Messenger..to keep that information in some way, to see th trafic for that port. How can I do that? Where will my log file stored?
Thanks for your help.

You can use a program like snort

Ok, thanks for your help, but I use IPTABLES in my firewall and I want to keep in that way.
So I want to see the traffic information though messsenger port using iptables. Any suggestion?
Please, if someone knows anything about this give me a tip.
Thanks a lot

Iptables and Snort are two completely different entities that can be used together (iptables is a packet filter while Snort is a intrusion detection system).

If you just want to monitor a certain subset of traffic, either a certain protocol or from a specific host, try tcpdump/ethereal. There are also protocol-specifc sniffers like AIMSniff and dsniff. Also remember that in certain countries it's illegal to monitor employees internet transmissions without prior notification.

I don´t want to monitor, i just want to see the ip addres machines that access to the messenger, when, how many times, etc..., i ask then to use jabber the internal networking "messenger" but they still use the messenger to talk with friend. So i only want to report those events for the Microsoft Messenger, just that, and keep it in a log file.
I need a explicit help in this issue please. And one more question: how i choose the file to log those events?
Thanks!