Goosemaster
Lifer
client has had numerous data thefts and break ins and would like to catch the hackers/thieves in the act or at least logs to show the cops (?)
I have setup an Astaro security Linux box as their firewall (all paid for and such) but the logging capabilities don't seem to include source/destination tables. I have infinite amounts of graphs, but they all analyze the data, and not the data path.
I have setup an HTTP proxy so everything is logged and such, but alas, the logging I require is not here.
I was interested to see what other options are at my disposal.
I was thinking about using etheral but that isn't practical. I simply need a proxy that can capture as much good stuff as I can possibly get.
Either way the firewall will remain Astaro, which is excellent. I am jsut looking for a good snooping tool.
Possible things to log:
1) trojan infiltration
2) keyloggers dialing home
3) DNS redirection
blah blah blah
Would smoothwall provide more adaquate logging for me?
Hell, even my POS sonicwall offers a simple source/destination/port/protocol logging.
I have setup an Astaro security Linux box as their firewall (all paid for and such) but the logging capabilities don't seem to include source/destination tables. I have infinite amounts of graphs, but they all analyze the data, and not the data path.
I have setup an HTTP proxy so everything is logged and such, but alas, the logging I require is not here.
I was interested to see what other options are at my disposal.
I was thinking about using etheral but that isn't practical. I simply need a proxy that can capture as much good stuff as I can possibly get.
Either way the firewall will remain Astaro, which is excellent. I am jsut looking for a good snooping tool.
Possible things to log:
1) trojan infiltration
2) keyloggers dialing home
3) DNS redirection
blah blah blah
Would smoothwall provide more adaquate logging for me?
Hell, even my POS sonicwall offers a simple source/destination/port/protocol logging.
