[squid-users] Squid log analysis

From: Daniel Cid <[email protected]>
Date: Sun, 21 May 2006 17:58:08 -0300 (ART)

Hi list,

I just want to let everyone know that OSSEC (an open
source project for log analysis) now supports squid
logs.

Some of the things you can detect by analyzing your
squid logs are presented in the following document
(still a draft):

http://www.ossec.net/en/loganalysis.html#proxy

"2 - Proxy log analysis

2.1 - Internal users scanning or attacking outside
systems.
2.2 - Internal users with worms, trojans or virus.
2.3 - Invalid users in the network.
2.4 - Proxy misuse or access violations.
2.5 - Policy violations.
"

Ossec web site:
http://www.ossec.net

Hope it can be useful!

Thanks,

--
Daniel B. Cid
dcid @ ( at ) ossec.net
		
_______________________________________________________ 
Abra sua conta no Yahoo! Mail: 1GB de espa�o, alertas de e-mail no celular e anti-spam realmente eficaz. 
http://br.info.mail.yahoo.com/
Received on Sun May 21 2006 - 14:58:16 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Jun 01 2006 - 12:00:02 MDT