[Web4lib] Fwd: About Computer Networking:How MySpace May BeHurting Your Network

Jonathan Gorman jtgorman at uiuc.edu
Wed Jun 27 09:02:33 EDT 2007


--- Original message ----
>Date: Tue, 26 Jun 2007 16:51:12 -0500
>From: "Robin" <rboulton at stcharleslibrary.org>  
>Subject: RE: [Web4lib] Fwd: About Computer Networking:How MySpace May	BeHurting Your Network  
>To: <jtgorman at uiuc.edu>, <web4lib at webjunction.org>
>
>Hi Jon,
>Thanks for the feedback. Your points are well taken. Can you suggest a
>tool for doing exactly such an audit? I have been discussing this with
>several people lately and none of us have any experience such utilities,
>nor do personally (collectively) know even the names of any good ones.
>Any recommendations pro or con from and the list at large would be
>welcome.
>


It's been a while since I've done anything similar to a network audit.   It looks like some others have already responded with good suggestions.  I'll try to summarize what I've used in the past.  I'll warn you though, it's mostly Linux/Unix based.

First, you might be able to talk with your ISP and get some reports of commonly used ports and ip addresses for the outgoing traffic.  If part of the charge of the ISP is to provide service, I'd imagine this should fall under the contract.

In the past I personally have used a combination of logs (router, firewall, etc), Ethereal (packet sniffer as well as other things), and nmap (to scan for suspicious ports).  Nmap or a similar port scanning tool might be a good first step just to see if there's any odd ports accepting connections.  I've heard good things about Snort but don't remember using it any time recently.  Ethereal is a bit tricky to use and I won't claim to be much help using it  You also need to be careful if you have privacy concerns using Ethereal.  I vaguely also remember setting up SATAN to scan for rootkits, but that was quite a bit ago and don't know the state of the software these days.


One thought I did have is it might be possible that you have a patron with a digital camera who's using the computers to upload images to some service like flickr.  I've seen people not be aware of how huge their image files are and attempting to do things like email.  It's not as likely a scenario as a compromised computer, but I could see it happening.


Jon Gorman
-------------------------------

Research Information Specialist
University of Illinois at Champaign-Urbana
316 Main Library - MC522
1408 West Gregory Drive
Urbana, IL 61801
Phone: (217) 244-4688



More information about the Web4lib mailing list