RE: WWW Proxy/Traffic Analyzer
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Don Munyak Sent: Friday, 19 January 2007 4:20 AM To: FreeBSD Questions; [EMAIL PROTECTED] Subject: Fwd: WWW Proxy/Traffic Analyzer -- Forwarded message -- From: Bachilo Dmitry [EMAIL PROTECTED] Date: Jan 10, 2007 10:54 PM Subject: Re: WWW Proxy/Traffic Analyzer To: freebsd-questions@freebsd.org We have an employee who spends quite a bit of time on the net and currently have no way of analyzing where they go. Are there any decent proxy servers that I can put them on to see where they are going? -Tom I have recently installed Dansguardian + Squid onto 6.1-REALEASE. My approach was not as an in-line, but rather transparent mode. Our proxy server is in the DMZ. All outbound http requests from the LAN are redirected at the firewall to the server in the DMZ. This approach eliminates users ability to by-pass the proxy, as no changes to browser settings are made. If the proxy dies, all I need to do (temporarily) is disable the redirector in the firewall. So far, this setup works rather well. There are plenty of free tools for analyzing the logs. The plus for us, by incorporating Dansguardian, is the ability to further customize what is acceptable and what's not. ~ Don ___ Add calamaris from the ports and you have a good squid log analyser in the bundle. mjt --- The information transmitted in this e-mail is for the exclusive use of the intended addressee and may contain confidential and/or privileged material. Any review, re-transmission, dissemination or other use of it, or the taking of any action in reliance upon this information by persons and/or entities other than the intended recipient is prohibited. If you received this in error, please inform the sender and/or addressee immediately and delete the material. E-mails may not be secure, may contain computer viruses and may be corrupted in transmission. Please carefully check this e-mail (and any attachment) accordingly. No warranties are given and no liability is accepted for any loss or damage caused by such matters. --- ### This e-mail message has been scanned for Viruses by Bytecraft ### ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: WWW Proxy/Traffic Analyzer
On Jan 10, 2007, at 8:00 AM, Tom Grove wrote: We have an employee who spends quite a bit of time on the net and currently have no way of analyzing where they go. Are there any decent proxy servers that I can put them on to see where they are going? Squid is a popular proxy server, although mod_proxy for Apache is another choice. However, you can analyze where someone is going on the net much more easily using a packet sniffer like tcpdump. However, this sort of issue is a management issue, not a technology problem. If the employee is getting their work done and meeting their deadlines, there probably isn't a problem worth pursuing. Otherwise, the issue is that this person isn't getting the work done, and whether they are surfing random pages or wasting time in some other fashion doesn't particularly matter -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: WWW Proxy/Traffic Analyzer
В сообщении от Среда 10 января 2007 22:00 Tom Grove написал(a): We have an employee who spends quite a bit of time on the net and currently have no way of analyzing where they go. Are there any decent proxy servers that I can put them on to see where they are going? -Tom ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Nothing can be easier. You will have to recompile your kernel to be able to forward all traffic of your employees to squid, even if they don't use proxy in their browser. Compile it with Options IPFIREWALL_FORWARD Then install squid and add a rule to a firewall like this: fwd 192.168.1.1,3128 tcp from any to any dst-port 80 via xl0 Where 192.168.1.1 is a router, 3128 - squid port and xl0 is an outer interface. This will make all your network users go through squid and all their moves will be recorded. You will just need to install SARG, which will draw nice HTML tables with IPs and sites visited by them. I use it myself and it works just fine. I also use squid to deny downloading of avi and mpeg files, and also to deny some sites that are not work-related and should not be visited from office. Also Squid and SARG can count traffic, so you can see who spends how much, if you don' have an unlimited internet. -- С уважением, Бачило Дмитрий Руководитель отдела системной интаграции ООО Компания Солинк -- With Best Regards, Bachilo Dmitry Head of systems integration dept Solink Company Ltd. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
