kwanbis Posted September 6, 2007 Share Posted September 6, 2007 Hi. I want to monitor what the users are doing on a LAN.Mostly, i want to make sure they are not downloading movies/music/etc. What tools and how should i do it?NOTE: if you think there is a better forum for LAN issues, please let me know. Thanks. Link to comment Share on other sites More sharing options...
uid0 Posted September 6, 2007 Share Posted September 6, 2007 You could try squid and dansguardian.Wont run on windows though. Link to comment Share on other sites More sharing options...
kwanbis Posted September 6, 2007 Author Share Posted September 6, 2007 both are "proxy" like. I don't want to put anything in between. I want to "listen" to the nw. I was thinking wireshark (ethereal) Link to comment Share on other sites More sharing options...
Arie Posted September 6, 2007 Share Posted September 6, 2007 both are "proxy" like. I don't want to put anything in between. I want to "listen" to the nw. I was thinking wireshark (ethereal)Possible, but it will give you a lot of work to figure all the traffic out. You could start by proper filtering, then perhaps exporting the whole dump and do a search on that. But like I wrote, it will give you a lot of work, even if you would only do this occasionally. Stripping down your whole dump could be best done using some sort of script, but writing a proper script will also take plenty of time. Anyway, best would be still to put a proxy in between for instance. Link to comment Share on other sites More sharing options...
cluberti Posted September 6, 2007 Share Posted September 6, 2007 both are "proxy" like. I don't want to put anything in between. I want to "listen" to the nw. I was thinking wireshark (ethereal)Any particular reason you want to do things the (really) hard way? Link to comment Share on other sites More sharing options...
arctirus Posted September 7, 2007 Share Posted September 7, 2007 http://www.ntop.org/overview.html Link to comment Share on other sites More sharing options...
lsjames Posted September 19, 2007 Share Posted September 19, 2007 (edited) Active Wall support gateway,bridge,passby mode. Maybe it is fit for you.http://en.lanctrl.com Edited September 19, 2007 by lsjames Link to comment Share on other sites More sharing options...
nitroshift Posted September 19, 2007 Share Posted September 19, 2007 How is your network configured? P2P, domain? I use Wireshark on the DC and filters It is doing its job nicely Link to comment Share on other sites More sharing options...
arctirus Posted September 20, 2007 Share Posted September 20, 2007 I use WiresharkI'd encourage you to check out the ntop link I posted. Ntop is basically a nice html front end report system that runs on top of ethereal / wireshark. It makes things so much easier, oh, and it's free. Link to comment Share on other sites More sharing options...
nitroshift Posted September 20, 2007 Share Posted September 20, 2007 I'd encourage you to check out the ntop link I posted. Ntop is basically a nice html front end report system that runs on top of ethereal / wireshark. It makes things so much easier, oh, and it's free.Thanks, just read your post, will try it tomorrow Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now