[fw-wiz] Traffic Monitoring
From: Zahid Ahmad Khan (zahid_at_expertsystems.net)
To: <firstname.lastname@example.org> Date: Tue, 6 May 2003 09:54:13 +0500
A research organization has asked me to look at an interesting
situation. They are paranoid about pilferage of research work and want
to monitor and log all email traffic (Vectors and contents of POP, SMTP
& IMAP). They require the following:
1) Log all in and out bound emails (All employees have been duly
informed of the fact).
2) Generate email vector logs.
3) Flag and stop any email with unauthorized contents.
4) Only interested in traffic on the WAN and Internet interface (E-1,
E-3, OC-3, POS)
5) Do not want to log or see any internal traffic which might be contain
sensitive R&D info.
I was thinking of putting together a system using pcap for capturing
traffic and using/developing an analysis reporting engine. Due to the
urgency of client requirements, I will appreciate if anyone could let me
know of any good analysis and reporting tools/systems or even a complete
monitoring system. At this moment I am open any inputs regarding
commercial as well as open source tools/products.
--- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.476 / Virus Database: 273 - Release Date: 4/24/2003 _______________________________________________ firewall-wizards mailing list email@example.com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards