Hi Tom,

CA Sessionwall-3 worked fine for that purpose, now it has evolved into
eTrust Intrusion Detection product:
http://www3.ca.com/Solutions/Product.asp?ID=163

This one is pretty easy to setup and use.
One word of warning though, Sessionwall would work only with NT4

Alexander Poizner
HIP Interactive Corp.

-----Original Message-----
From: TOM SUTHERLAND [mailto:tsuthersilver-lake.com]
Sent: Thursday, November 15, 2001 14:15
To: FOCUS-MSsecurityfocus.com
Subject: Web monitoring tool ala George Orwell.

Is anyone aware of a passive network monitoring tool that will track URLs,
SMTP, POP3, FTP etc. and log this info to a database or file? It would also
be my hope that this tool would provide meaningful and detailed reports of
web usage. Some of the features provided by dsniff would be doubleplusgood -
like replaying web usage, showing clear text FTP/Telnet passwords etc.

I've messed around with a product that's pretty close to what I want
(UC.LAN). But I'm looking for alternatives...

Any ideas are welcome.

Thanks,
Tom Sutherland

-----Original Message-----
From: Frank Heyne [mailto:fhrcs.urz.tu-dresden.de]
Sent: Thursday, November 15, 2001 10:41 AM
To: Michael Fanara
Cc: FOCUS-MSsecurityfocus.com
Subject: Re: auditing PCs

On 15 Nov 2001, at 9:48, Michael Fanara wrote:

> The list,
>
> Are there any 3rd party utilities out there that would allow me to
> track logins - who, when, how many times since x days ago, etc.? I
> know I could turn on auditing and read the security logs, but I need
> to do this for about 250 NT4.0 machines, spread out, in an NT4.0 domain.

You can collect all logs with the Freeware EventSave.exe and then make
a nice report with R528.exe.
Bot tools are available from http://www.heysoft.de/

Frank Heyne

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]