[prev in list] [next in list] [prev in thread] [next in thread]
List: web4lib
Subject: [Web4lib] Fwd: About Computer Networking:How
From: jtgorman () uiuc ! edu (Jonathan Gorman)
Date: 2007-06-27 9:02:46
Message-ID: 20070627080233.ATH23517 () expms4 ! cites ! uiuc ! edu
[Download RAW message or body]
--- Original message ----
> Date: Tue, 26 Jun 2007 16:51:12 -0500
> From: "Robin" <rboulton@stcharleslibrary.org>
> Subject: RE: [Web4lib] Fwd: About Computer Networking:How MySpace May BeHurting \
> Your Network
> To: <jtgorman@uiuc.edu>, <web4lib@webjunction.org>
>
> Hi Jon,
> Thanks for the feedback. Your points are well taken. Can you suggest a
> tool for doing exactly such an audit? I have been discussing this with
> several people lately and none of us have any experience such utilities,
> nor do personally (collectively) know even the names of any good ones.
> Any recommendations pro or con from and the list at large would be
> welcome.
>
It's been a while since I've done anything similar to a network audit. It looks \
like some others have already responded with good suggestions. I'll try to summarize \
what I've used in the past. I'll warn you though, it's mostly Linux/Unix based.
First, you might be able to talk with your ISP and get some reports of commonly used \
ports and ip addresses for the outgoing traffic. If part of the charge of the ISP is \
to provide service, I'd imagine this should fall under the contract.
In the past I personally have used a combination of logs (router, firewall, etc), \
Ethereal (packet sniffer as well as other things), and nmap (to scan for suspicious \
ports). Nmap or a similar port scanning tool might be a good first step just to see \
if there's any odd ports accepting connections. I've heard good things about Snort \
but don't remember using it any time recently. Ethereal is a bit tricky to use and I \
won't claim to be much help using it You also need to be careful if you have privacy \
concerns using Ethereal. I vaguely also remember setting up SATAN to scan for \
rootkits, but that was quite a bit ago and don't know the state of the software these \
days.
One thought I did have is it might be possible that you have a patron with a digital \
camera who's using the computers to upload images to some service like flickr. I've \
seen people not be aware of how huge their image files are and attempting to do \
things like email. It's not as likely a scenario as a compromised computer, but I \
could see it happening.
Jon Gorman
-------------------------------
Research Information Specialist
University of Illinois at Champaign-Urbana
316 Main Library - MC522
1408 West Gregory Drive
Urbana, IL 61801
Phone: (217) 244-4688
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic