close

Privacy guaranteed - Your email is not shared with anyone.

network monitoring software (security)

Discussion in 'Tech Talk' started by IrvJr, Feb 7, 2007.

  1. IrvJr

    IrvJr

    Joined:
    Mar 31, 2000
    Messages:
    254
    Likes Received:
    0
    Hi All,

    I've set up a wireless network in my house using a Linksys wireless router. Can anyone recommend some good network monitoring security software? I'm interested in some kind of software that would allow me to log the router's activity to make sure the users do not access inappropriate sites. I'm planning to purchase a low cost desktop for the kids' use, but I'd like to make sure I have this software in place to keep a tab on their network activity (yes - I am Big Brother in our house).

    Any recommendations? The linksys router (54G) that I have has some rudimentary logging capability and filtering capability, but it doesn't seem like it's very helpful. I'd like to be able to monitor the network traffic and log IP addresses/domains, etc.. I'd like something that does not need to be installed on all of the machines that will be monitored - instead something that could be installed on my PC and monitor the network or communicate with the router to collect and log this info.

    Thanks in advance.
     
  2. HerrGlock

    HerrGlock Scouts Out CLM

    Joined:
    Dec 28, 2000
    Messages:
    23,801
    Likes Received:
    254
    Cheap way is to get a really low end machine, put two network cards into it and turn that into your firewall between your network and the 'net.
    Load it with some *NIX flavor and use IPF or iptables and log every packet that goes in or out.
    Then you have a history of every place every machine in your networrk goes.
     

  3. Nyper

    Nyper

    Joined:
    Jan 2, 2004
    Messages:
    353
    Likes Received:
    0
    Location:
    Lebanon TN
    A quick google search turned this up:

    http://www.net-monitoring-software.com/


    I don't think you will find something that runs only on one machine. Let's say you have two desktops hooked to a router: A and B. If A sends data to the router (such as asking for a web page), the router never sends that data to B. When data comes in from an external source, the router determines whether it should be sent to A or B and sends only to that interface.

    B would never know what A was doing unless B was polling the router and pulling the log or A was instructed to broadcast all of its data to B.
     
  4. HerrGlock

    HerrGlock Scouts Out CLM

    Joined:
    Dec 28, 2000
    Messages:
    23,801
    Likes Received:
    254
    Which is why you put something that does log in the path every machine has to take to get to the 'net, like the firewall. :supergrin:
     
  5. Gallium

    Gallium CLM

    Joined:
    Mar 26, 2003
    Messages:
    28,685
    Likes Received:
    17
    My cheapo Linksys routers do this.
     
  6. HerrGlock

    HerrGlock Scouts Out CLM

    Joined:
    Dec 28, 2000
    Messages:
    23,801
    Likes Received:
    254
    Yup, but how long does it log for? I thought those only kept a few hours of log files.
     
  7. Gallium

    Gallium CLM

    Joined:
    Mar 26, 2003
    Messages:
    28,685
    Likes Received:
    17
    I have one that logs for a week before it starts flushing/ overwriting - and it's a cheapo (under $100) unit.


    I also have a couple of the RV016 and 08. A lot more comprehensive - especially since I can gang multiple ISPs (up to eight on one of the units) for failsafe/rollover, but all of the units I've ever gotten my hands on have AWFUL implementation of forwarding (except of course, the cheap units!). Any suggestions?


    I miss the days of IPRoute...


    'Drew
     
  8. HerrGlock

    HerrGlock Scouts Out CLM

    Joined:
    Dec 28, 2000
    Messages:
    23,801
    Likes Received:
    254
    I'm a *NIX bigot, of course I have suggestions :rofl:

    Define forwarding. Remote logging or IP forwarding like for a DMZ?

    The cheapies are getting really close to some of the more expensive ones for home-type DMZ creation. It's getting funny to watch.
     
  9. G23Adam

    G23Adam .- -.. .- --

    Joined:
    Oct 1, 2003
    Messages:
    527
    Likes Received:
    0
    Location:
    SC
  10. Gallium

    Gallium CLM

    Joined:
    Mar 26, 2003
    Messages:
    28,685
    Likes Received:
    17
    Port forwarding...

    and I'm only using hardware boxes.
     
  11. HerrGlock

    HerrGlock Scouts Out CLM

    Joined:
    Dec 28, 2000
    Messages:
    23,801
    Likes Received:
    254
    Those cheesy $100 firewalls are actually pretty good at doing that if you want to stay under a thousand dollars. You're already on it :)
     
  12. IrvJr

    IrvJr

    Joined:
    Mar 31, 2000
    Messages:
    254
    Likes Received:
    0
    NYC Drew,

    What type of Linksys router are you using that keeps the weeklong logs? I have an older 54G (probably about 2 years old) and it only keeps a very short log of inbound/outbound IP addresses.

    Also, where in Kimber Country do you live? I used to live on the Putnam/Westchester border, and worked about 15 minutes north of the Kimber factory. I used to live near one of Kimber's Customer Service Manager before he retired and moved to Flordia.
     
  13. Gallium

    Gallium CLM

    Joined:
    Mar 26, 2003
    Messages:
    28,685
    Likes Received:
    17
    Irv,

    I will check my routers to see which one it is.

    I have a place 55 FEET from the NYC city line. I am less than 7 minutes from Kimber.
     
  14. grokdesigns

    grokdesigns

    Joined:
    Dec 23, 2004
    Messages:
    507
    Likes Received:
    0
    Unrelated to network monitoring, but related to keeping your kids/network/computers safe. If you have a Linksys WRT54G (and it's the right version), you can put a third party firmware on it (www.dd-wrt.com) which has a ton of access restriction functions. You can block PCs based on day, time of day, website address, website keywords, specific protocols (bit torrent, pop3, vpn, instant messengers, online games, etc.).

    It can also boost power output for better wireless performance, supports PPTP VPN connections, scheduled wake on lan, filter activex or java, etc., just a ton of enterprise grade features on a $50 home box.

    I attached a screen shot from the access restrictions page of my home router.