Hi list,
I just want to let everyone know that OSSEC (an open
source project for log analysis) now supports squid
logs.
Some of the things you can detect by analyzing your
squid logs are presented in the following document
(still a draft):
http://www.ossec.net/en/loganalysis.html#proxy
"2 - Proxy log analysis
2.1 - Internal users scanning or attacking outside
systems.
2.2 - Internal users with worms, trojans or virus.
2.3 - Invalid users in the network.
2.4 - Proxy misuse or access violations.
2.5 - Policy violations.
"
Ossec web site:
http://www.ossec.net
Hope it can be useful!
Thanks,
-- Daniel B. Cid dcid @ ( at ) ossec.net _______________________________________________________ Abra sua conta no Yahoo! Mail: 1GB de espa�o, alertas de e-mail no celular e anti-spam realmente eficaz. http://br.info.mail.yahoo.com/Received on Sun May 21 2006 - 14:58:16 MDT
This archive was generated by hypermail pre-2.1.9 : Thu Jun 01 2006 - 12:00:02 MDT