On Thu, 10 Jul 2003, steve wrote:
> On Thursday 10 July 2003 04:54 pm, you wrote:
> > I hate to have to ask this but it has become apparent that I have to do
> > something about the situation.
> > One of our sales reps is "allegedly" divulging trade secrets vie email to
> > rival companies and some customers. My higher-ups have asked me to begin
> > tracking all of the users email and keep copies of them for review. They
> > would also like me to track incoming mail to this user as well. All
> > without attracting the attention of the user... of course. :-)
>
> You can also listen to all communications on your LAN and grab a copy of
> everything matching a specific port and write it to file. Every midnight
> you could have cron rename it based on date for posterity and ease of
> access.
>
> F.ex. Ethereal can record all LAN traffic and filter it on any port and
> write a file. Then put a hub between your external Internet connection and
> your LAN so that you can read the traffic from a different port. (Since a
> switch will not allow for this.)
>
> I used a simple text based sniffer many years ago to do this but I cannot
> recall the name of it. Maybe I (or someone else) can recall it...
the simple text based sniffer would probably be tethereal.. The command
line version to Ethereal.. They come together and have the same
functionality.
Jason
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 19:08:11 EDT