Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi, i´m new around here and i´m looking for help.
I have a debian firewall for my local company, it has at all 12 people working here.
I want to make a log of all the information that go through the messenger. I want to see the ip machines and users that use the Messenger..to keep that information in some way, to see th trafic for that port. How can I do that? Where will my log file stored?
Thanks for your help.
Ok, thanks for your help, but I use IPTABLES in my firewall and I want to keep in that way.
So I want to see the traffic information though messsenger port using iptables. Any suggestion?
Please, if someone knows anything about this give me a tip.
Thanks a lot
Iptables and Snort are two completely different entities that can be used together (iptables is a packet filter while Snort is a intrusion detection system).
If you just want to monitor a certain subset of traffic, either a certain protocol or from a specific host, try tcpdump/ethereal. There are also protocol-specifc sniffers like AIMSniff and dsniff. Also remember that in certain countries it's illegal to monitor employees internet transmissions without prior notification.
Last edited by Capt_Caveman; 01-07-2005 at 08:35 PM.
I don´t want to monitor, i just want to see the ip addres machines that access to the messenger, when, how many times, etc..., i ask then to use jabber the internal networking "messenger" but they still use the messenger to talk with friend. So i only want to report those events for the Microsoft Messenger, just that, and keep it in a log file.
I need a explicit help in this issue please. And one more question: how i choose the file to log those events?
Thanks!
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.