Re: logging/blocking aol/yahoo/msn instant messages
From: Rob 'Feztaa' Park (feztaa@shaw.ca)Date: 10/18/01
- Previous message: Tosoni: "RE: Root can't delete files"
- In reply to: Chris Campbell: "logging/blocking aol/yahoo/msn instant messages"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 17 Oct 2001 20:22:48 -0600 From: Rob 'Feztaa' Park <feztaa@shaw.ca> To: focus-linux@securityfocus.com Subject: Re: logging/blocking aol/yahoo/msn instant messages Message-ID: <20011017202248.N1578@so_much_for_message_ids.com>
On Mon, Oct 15, 2001 at 04:05:27PM -0400, Chris Campbell (dis)graced my inbox with:
> I have been asked to log all aim converstaion, since I work for a financial
> firm and
> compliance wants to lock down information getting outside. Has anyone done
> this before, and can reccommend something to try? I thought maybe snort
> or something of the sort would maybe do it, but I havent really done my
> research yet. Thanks.
I would suggest having iptables log all traffic on the AIM port,
although I'm not sure there is a way to log the actual content of
packets (I know you can filter based on the contents of packets, with
the string module, but can you log them?)
-- Rob 'Feztaa' Park feztaa@shaw.ca -- PURGE COMPLETE.
- Previous message: Tosoni: "RE: Root can't delete files"
- In reply to: Chris Campbell: "logging/blocking aol/yahoo/msn instant messages"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
