Re: Help with Snort or Ethereal

From: Susan Bradley, CPA aka Ebitz SBS Rocks [MVP] (sbradcpa_at_pacbell.net)
Date: 05/31/03


Date: Fri, 30 May 2003 23:11:51 -0700


Keith's right, Snort and/or Ethereal are chunking out the TCP/IP dumps, and to
sit there and look up the true web names for each IP address that goes through
Snort's log files would take you too long.

What firewall are you running? If a Linksys, there's a linklogger program:
http://www.linklogger.com/

"Keith W. McCammon" wrote:

> > Does anyone know how to configure either of these apps or some other
> > Windows-based app to display the URLs of sites visited on the internet?
>
> It can be done with either, by parsing the results and performing a lookup
> on the addresses programmatically. In either case, you're trying to use a
> capture engine as an ad-hoc proxy logging mechanism, which is going to
> require some customization. Why not use proxy or firewall logs instead, as
> they both have more specific and relevant information?
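
The approach described in the quoted reply (parse the capture output, then look up each address programmatically), as an added example that is not from the original thread. The log lines are constructed, and the line layout and the function names `web_destinations` and `report` are assumptions.

```python
import re
import socket
from collections import Counter

# Constructed sample lines in the style of Snort packet-header output (not real traffic).
SAMPLE_LOG = """\
05/30-23:01:12.104233 192.168.1.10:1034 -> 203.0.113.5:80
05/30-23:01:12.310877 203.0.113.5:80 -> 192.168.1.10:1034
05/30-23:01:15.552101 192.168.1.10:1035 -> 198.51.100.7:80
05/30-23:02:40.000812 192.168.1.11:1050 -> 203.0.113.5:80
05/30-23:03:02.771230 192.168.1.10:1036 -> 192.0.2.25:25
"""

# Matches "src_ip:src_port -> dst_ip:dst_port" anywhere on a line.
FLOW_RE = re.compile(
    r"(\d{1,3}(?:\.\d{1,3}){3}):(\d+)\s+->\s+(\d{1,3}(?:\.\d{1,3}){3}):(\d+)"
)

def reverse_lookup(ip):
    """PTR lookup through the system resolver; None when no name is returned."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:  # covers socket.herror and socket.gaierror
        return None

def web_destinations(log_text, ports=(80,)):
    """Count packets per destination IP, keeping only traffic sent to web ports."""
    hits = Counter()
    for line in log_text.splitlines():
        m = FLOW_RE.search(line)
        if m and int(m.group(4)) in ports:
            hits[m.group(3)] += 1
    return hits

def report(log_text, resolver=reverse_lookup):
    """Return [(ip, name_or_None, packets)], busiest first; each IP is resolved once."""
    return [(ip, resolver(ip), count)
            for ip, count in web_destinations(log_text).most_common()]

if __name__ == "__main__":
    for ip, name, count in report(SAMPLE_LOG):
        print(f"{ip:15}  {name or '(no PTR record)':30}  {count}")
```

A reverse lookup returns the name the address owner published for the IP, which on shared hosting is often not the site that was browsed, so the output is a list of hosts rather than URLs.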