[CentOS] Internet usage monitoring
Dennis McLeod
dmcleod at foranyauto.com
Wed Jan 23 16:33:22 UTC 2008
You mean to audit where people are going?
We have a (vendor provided) Websense server. Contract was for 3 years
(longer than I've been here). It'll be up soon. At the current rate, it's
about a 12,000.00/year savings to go to squid.
I have already put up a Centos5 box with Squid, and squidguard for testing
(on an old IBM NetVista workstation P3). Sarge looks good for reports, I
really don't need the advanced reporting features, just the actual BLOCKING
part, and a little bit of auditing. We really just want the legal liability
issue covered.
I won't bother with the transparent part, just restrict access out to the
internet in the firewall to the squid box only, which will force the client
machines to use the proxy settings. I would dump those down to the machine
as part of a logon script. I'd probably set a few machines (the owner,
myself, and any server that DOES need to go to the internet) to be able to
go around the proxy too.
I also currently USE an IPcop box on my public internet access (we provide a
couple of pc's plus wireless access for customers) in our waiting areas.
It also has the squidguard add-in. We had a couple of instances where
customers were surfing porn in our waiting area. I put that up in less than
a day, on an old Compaq P3, with a 10g drive. I have a standalone D-Link
access point to provide the wireless. I can look through the squid and
squidguard logs to see where people have been. It goes out a completely
separate DSL account.
I also tried out Cyfin Reporter (Google: wavecrest) in anticipation, in
order to generate internet usage reports. I copied the squid logs, both from
the ipcop box and from my test box, over to my PC (XP), setup Cyfin
reporter, and got BEAUTIFUL reports. I used Cyblock ISA (an older product
that integrated with ISA Server 2000) at a previous employer, and can
honestly say I've never seen easier to read and understand reports
(especially when you need to send it to an HR person, you don't have to
explain everything.)
The ONLY issue I have to work out is the reporting method. It's a workgroup
environment on XP, with local logon. I am forced to report based on IP
address, vs logon name. I'm working on the domain logon part...
If you mean Traffic to the internet, I use MRTG to query my switches and
routers. I have a webpage on my intranet that puts all the graphs together.
Dennis
-----Original Message-----
From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On Behalf
Of dnk
Sent: Tuesday, January 22, 2008 4:48 PM
To: Centos List
Subject: [CentOS] Internet usage monitoring
I was just curious what other admins were using to monitor internet
usage.... just a squid transparent proxy with something like sarge?
Thanks!
dnk
_______________________________________________
CentOS mailing list
CentOS at centos.org
http://lists.centos.org/mailman/listinfo/centos
More information about the CentOS
mailing list