I use SMTP in alarms in reporting presumed attacks and when testing tunnels and like (too lazy to browse trough logs =) ). Logs are good enough but in some things I want quick info whats going on. Another good point is that you can basically check SMTP traps anywhere where you have access to mail. I think it's more a question of personal preferences though.
About ICQ ... I hate to say this because at best ICQ is quite good thing, but it has some severe loopholes. In my opinion for now it would be best to close ICQ. If theres need for internal conversation inside company my solution would be something like IRC-server running in protected network, with no access from outside. ----- Original Message ----- From: "Mike Schrauder" <[EMAIL PROTECTED]> To: "'Reko Turja'" <[EMAIL PROTECTED]> Sent: Tuesday, February 01, 2000 4:34 AM Subject: RE: SNMP, help a newbie please > Most certainly, you are correct. The policy reads something to this effect > of use of company property, addresses personal use will be tolerated, yada > yada, and is fairly vanilla. But if you say you have the ability to log, > then you better be able to back it up. I am the administrator, and I use > the net for business and personal alike. I have to look at it from both > ends. I have the benefit of working for an Open Book management company. > Info flows freely, but CYA has to be in effect. > > The logs will never be looked at until there is suspected abuse. And the > use policy spells it out very well. > > Thanks for the insight. And thanks to all for the info. I thing the NT > util for syslog is what I was looking for. I thought that SNMP would be > tohe tool to use, but further digging turned up this syslog thing. > > Can anyone tell me what SNMP might give me that this syslog will not? > > Sorry for the length. > > Mike Schrauder > MIS, Specialty Blades, Inc. > [EMAIL PROTECTED] > ICQ 3317912 > P540.245.1006 > F540.248.4400 > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > Reko Turja > Sent: Monday, January 31, 2000 4:48 PM > To: [EMAIL PROTECTED] > Subject: Re: SNMP, help a newbie please > > Send postings to: [EMAIL PROTECTED] > Access the list archives at: > http://www.gnatbox.com/gb-users/ > ---------------------------------- > I'm not too sure about US privacy laws, but I think that you should tell > people that all traffic is being logged. > > > ----- Original Message ----- > From: "Michael W. Burden" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > Sent: Monday, January 31, 2000 6:52 PM > Subject: RE: SNMP, help a newbie please > > > > Send postings to: [EMAIL PROTECTED] > > Access the list archives at: > > http://www.gnatbox.com/gb-users/ > > ---------------------------------- > > What about setting up an outbound "allow all" filter that logs > > "accepts"? This would give you the Source IP address, Destination IP > > address, Source port (probably not too useful), and Destination port > > (which will tell you what service). > > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > > Mike Schrauder > > Sent: Monday, January 31, 2000 9:20 AM > > To: [EMAIL PROTECTED] > > Subject: SNMP, help a newbie please > > > > > > Send postings to: [EMAIL PROTECTED] > > Access the list archives at: > > http://www.gnatbox.com/gb-users/ > > ---------------------------------- > > The powers that be would like to log where everyone goes on the net. Not > to > > be big brother, but just to enforce policy only if necessary. If we just > > say "we can track you", that will eliminate abuse 99% of the time. But if > > we have an "incident"... > > We would like to see if any of you gurus out there are using the snmp > > trapping. Can this log (using dns) where people are going outbound from > the > > PRO? Any help, pointers, observations greatly appreciated. > > One other thing. Are there any security risks to running over the GB? > > Thanks. > > > > Mike Schrauder > > MIS, Specialty Blades, Inc. > > [EMAIL PROTECTED] > > ICQ 3317912 > > P540.245.1006 > > F540.248.4400 > > > > > > > > ---------------------------------------------- > > To Unsubscribe: send mail to [EMAIL PROTECTED] > > with "unsubscribe gb-users your_email_address > > in the body of the message > > > > ---------------------------------------------- > > To Unsubscribe: send mail to [EMAIL PROTECTED] > > with "unsubscribe gb-users your_email_address > > in the body of the message > > ---------------------------------------------- > To Unsubscribe: send mail to [EMAIL PROTECTED] > with "unsubscribe gb-users your_email_address > in the body of the message > >
