Re: newsgroup access

From: jpd (read_the_sig_at_do.not.spam.it)
Date: 08/18/04


Date: Wed, 18 Aug 2004 10:50:30 +0000 (UTC)

On 2004-08-18, thegus <claydo@na.yahoo.com> wrote:
> Leaving the politics of the issue aside,

On the (probably false) assumption that whoever drives the decision
knows of and understands the implications...

> some folk I know are offering servers /email/firewall/ gateway with full
> logging of activities of internet use.
>
> Does anybody have any pointers to how a gateway machine could be
> configured to log client (winxp and linux) machines access to the
> internet. It would need to include websites visited and usenet newsgroups,
> which groups are accessed and number of messages read etc, and possibly
> chat/irc

Well, you could ask those folks.

There are various ways and tools but no all-in-one that I know of. E.g.,
squid and socks will allow you to do extensive logging, so either force
everybody to use your provided (caching-) proxy for http, ftp and alike,
or set it up as a (forced) transparent proxy.

Same for news, mostly; you can provide a news server (and you don't even
need to run a full feed, lots of options here) and force everybody to
use it. I don't know of any transparent proxy tricks for nntp though.

Chat of any kind is probably going to be excessively hard in this
manner, but you could try and use ``generic'' ip-accounting things.
Those are available. And they may possibly be acceptable for nntp and/or
http/ftp/etc. too.

After that comes the analysis of the logs, for which there are numerous
packages to be found, especially for http logs. How accurate their
results are is an interesting question, and the answer depends on
what exactly you want to know.

In short, there are usable technical measures but none of them are
simple. Look around in the ports collection for some ideas. Although
there are generic accounting solutions, for the real detail you need
to go up the iso levels. Which means that you have to deal with one
application (or a few) at a time.

I'll stress that the most important question in this is not what is
possible, but what you want to know and why you want to know it in the
first place. Reduction here saves lots of trouble later on, and it helps
clear up where you are and where you want to go. Turn that into policy
and you've done half the work already. How you enforce the policy is
another matter. But it is important to realize that people problems
cannot be dealt with in a purely technical matter.

So a more interesting question is to ask those folks you mentioned why
they are providing the logging, and maybe why the people they provide it
to/for want that.

-- 
  j p d (at) d s b (dot) t u d e l f t (dot) n l .
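
The squid logging and log analysis mentioned in the reply above, as an added example that is not part of the original post: a small summarizer that counts requests and bytes per client and destination host. It assumes Squid's default native access.log layout; the sample log lines and addresses are constructed.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample lines in Squid's default "native" access.log layout:
# time elapsed client code/status bytes method URL ident hierarchy/peer type
SAMPLE_LOG = """\
1092826230.123    210 192.168.1.10 TCP_MISS/200 5120 GET http://www.example.org/index.html - DIRECT/192.0.2.10 text/html
1092826231.456     15 192.168.1.10 TCP_HIT/200 2048 GET http://www.example.org/logo.png - NONE/- image/png
1092826240.789   9000 192.168.1.11 TCP_MISS/200 30000 CONNECT secure.example.net:443 - DIRECT/192.0.2.20 -
1092826250.000    120 192.168.1.11 TCP_DENIED/403 1500 GET http://blocked.example.com/ - NONE/- text/html
this line is truncated
"""

def dest_host(method, url):
    """Return the destination host; CONNECT entries carry only host:port."""
    if method == "CONNECT":
        return url.rsplit(":", 1)[0].lower()
    return (urlsplit(url).hostname or "unknown").lower()

def summarize(log_text):
    """Map client IP -> host -> counters; also return the number of skipped lines."""
    stats = defaultdict(lambda: defaultdict(
        lambda: {"requests": 0, "bytes": 0, "denied": 0}))
    skipped = 0
    for line in log_text.splitlines():
        fields = line.split()
        # A native-format entry has 10 whitespace-separated fields.
        if len(fields) < 10 or not fields[4].isdigit():
            skipped += 1
            continue
        client, code, size = fields[2], fields[3], int(fields[4])
        entry = stats[client][dest_host(fields[5], fields[6])]
        entry["requests"] += 1
        entry["bytes"] += size
        if code.startswith("TCP_DENIED"):
            entry["denied"] += 1
    return stats, skipped

if __name__ == "__main__":
    stats, skipped = summarize(SAMPLE_LOG)
    for client in sorted(stats):
        for host, e in sorted(stats[client].items()):
            print(f"{client} {host} requests={e['requests']} "
                  f"bytes={e['bytes']} denied={e['denied']}")
    print(f"skipped {skipped} malformed line(s)")
```

For HTTPS the proxy log holds only the CONNECT host and a byte count, not the pages fetched, so what such a report can answer depends on the protocol as well as on the question asked.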

