[clue-tech] proxy to log chat
Mike Staver
staver at fimble.com
Thu Feb 24 10:26:16 MST 2005
I have struggled with this at my company as well. We want to allow chat
for some people who use it for legitmate business purposes, and disallow
it for others. Besides removing the programs from the employees
computers and taking away access to reinstall them, I haven't found a
good way to prevent this. I have a Cisco PIX 515e as our firewall/vpn,
and no matter how hard I try, I can't find a way to block yahoo's im
client. I had to resort to creating a dns zone file and pointing it at
127.0.0.1 for the sub domains yahoo uses. However, this completely
screws up the www.yahoo.com search results page if you over do it. I'd
love to hear how others are blocking IM clients...
Chris Schock wrote:
> As others have mentioned ethereal (or tethereal) will do this but if you
> want any kind of report you'll be growing one yourself.
>
> Snort also does this. If you use a frontend such as Open Aanval or Acid
> you can easily see what contents of the chat. Both of these still have
> what I consider weak reporting, but the sources, destinations, content,
> and number of messages are all there readily summarized.
>
> This may seem rather big brother, but with things like Bropia out there
> people really need to consider the risk of allowing chat.
>
>
>>-----BEGIN PGP SIGNED MESSAGE-----
>>Hash: SHA1
>>
>>A friend of mine asked me how he can monitor chat sessions for employees.
>>I
>>mentioned squid, but I wasn't sure it does common chat protocols like AIM
>>or
>>yahoo. I checked the squid home page and it doesn't look to monitor YCHT
>>or
>>
>>So, anyone know of such a tool to monitor chat traffic that runs on linux?
>>
>>I appreciate any suggestions.
>>Jeff
>>- --
>>"Science can purify religion from error and superstition. Religion can
>>purify
>>science from idolatry and false absolutes."
>>- - Pope John Paul II
>>
>>http://isuma.org/
>>
>>
>>-----BEGIN PGP SIGNATURE-----
>>Version: GnuPG v1.2.1 (GNU/Linux)
>>
>>iD8DBQFCHVGKi4b9OApLCmoRAtv3AJ9O+6vK+2/5t3X/8ZrDqJ5Gya2U5wCfbg3E
>>uYE6Lz6xEUaCDVBJW84IvOI=
>>=+YXh
>>-----END PGP SIGNATURE-----
>>
>>_______________________________________________
>>CLUE-tech mailing list
>>CLUE-tech at clue.denver.co.us
>>http://clue.denver.co.us/mailman/listinfo/clue-tech
>>
>
>
>
> _______________________________________________
> CLUE-tech mailing list
> CLUE-tech at clue.denver.co.us
> http://clue.denver.co.us/mailman/listinfo/clue-tech
--
-Mike Staver
staver at fimble.com
mstaver at globaltaxnetwork.com
More information about the clue-tech
mailing list