'[Web4lib] Fwd: About Computer Networking:How'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       web4lib
Subject:    [Web4lib] Fwd: About Computer Networking:How
From:       jtgorman () uiuc ! edu (Jonathan Gorman)
Date:       2007-06-27 9:02:46
Message-ID: 20070627080233.ATH23517 () expms4 ! cites ! uiuc ! edu
[Download RAW message or body]


--- Original message ----
> Date: Tue, 26 Jun 2007 16:51:12 -0500
> From: "Robin" <rboulton@stcharleslibrary.org>  
> Subject: RE: [Web4lib] Fwd: About Computer Networking:How MySpace May	BeHurting \
>                 Your Network  
> To: <jtgorman@uiuc.edu>, <web4lib@webjunction.org>
> 
> Hi Jon,
> Thanks for the feedback. Your points are well taken. Can you suggest a
> tool for doing exactly such an audit? I have been discussing this with
> several people lately and none of us have any experience such utilities,
> nor do personally (collectively) know even the names of any good ones.
> Any recommendations pro or con from and the list at large would be
> welcome.
> 


It's been a while since I've done anything similar to a network audit.   It looks \
like some others have already responded with good suggestions.  I'll try to summarize \
what I've used in the past.  I'll warn you though, it's mostly Linux/Unix based.

First, you might be able to talk with your ISP and get some reports of commonly used \
ports and ip addresses for the outgoing traffic.  If part of the charge of the ISP is \
to provide service, I'd imagine this should fall under the contract.

In the past I personally have used a combination of logs (router, firewall, etc), \
Ethereal (packet sniffer as well as other things), and nmap (to scan for suspicious \
ports).  Nmap or a similar port scanning tool might be a good first step just to see \
if there's any odd ports accepting connections.  I've heard good things about Snort \
but don't remember using it any time recently.  Ethereal is a bit tricky to use and I \
won't claim to be much help using it  You also need to be careful if you have privacy \
concerns using Ethereal.  I vaguely also remember setting up SATAN to scan for \
rootkits, but that was quite a bit ago and don't know the state of the software these \
days.


One thought I did have is it might be possible that you have a patron with a digital \
camera who's using the computers to upload images to some service like flickr.  I've \
seen people not be aware of how huge their image files are and attempting to do \
things like email.  It's not as likely a scenario as a compromised computer, but I \
could see it happening.


Jon Gorman
-------------------------------

Research Information Specialist
University of Illinois at Champaign-Urbana
316 Main Library - MC522
1408 West Gregory Drive
Urbana, IL 61801
Phone: (217) 244-4688


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic