On Thu, 27 Oct 2005 12:55:17 GMT, Duane Arnold <(E-Mail Removed)>
wrote:
>Richard <(E-Mail Removed)> wrote in news:2L38f.138706$G8.63395
>@text.news.blueyonder.co.uk:
>
>> I have a WRT54G Wireless router and have been monitoring it with
>> WallWatcher, which is giving me a lot of information, but if I'm looking
>> just to trap the web addresses that are visited, does anyone know of a
>> way to do this? Also it would be useful to grab copies of any files
>> sent or received as well, but I think that will need a packet grabber of
>> some sort.
>>
>> What I'm trying to do is make sure any PC on my wireless network does
>> not access any odd sites or do any file sharing via MSN or mail etc.
>>
>> Any help would be useful.
>
>You can review the WallWatcher logs, as that is what it's there for: for
>you to review the network traffic to/from machines on the LAN. If you
>want to go beyond that, then you need to install Ethereal (free packet
>sniffer) on the machine that logs all outbound traffic leaving a machine
>and to what IP the packets are being sent to for a remote location.

The problem with using Ethereal for this is that it requires that a
capture file be generated for analysis. This can be done but it is
rather difficult to automate continuously. The capture log, even with
filters can get rather huge. There's also no easy way to deal with
redundant requests to the same web pile.

Try Syslog or SNMP traps.

I'll assume that the WRT54G is using non-Linksys firmware. Turn on
Syslog in the WRT54G and point it at a Windoze monitoring server.
Install some kind of Syslog capture and reporting program.
http://www.kiwisyslog.com/products.htm
Note that this program will also do SNMP trap logging. I suggest you
just look at what syslog generates and see if there's anything that
can be filtered (grep) into a report.

SNMP traps can be set to generate a UDP trap message every time a web
page is accessed. The Linksys BEFxxxx series of routers have this
feature built in. I use:
http://svs.sv.funpic.de
for monitoring which does exactly what you want. Note that you don't
need the Norton Firewall monitoring to use the Linksys log monitor
feature.

The problem is that the WRT54G is not configured for generating the
necessary SNMP traps. I'm sure Linux can be convinced to do so, but
don't have the time and interest to figure it out. You might ask for
help on the Log Viewer forums.

I also just blundered across this logger:
http://www.linklogger.com
I haven't tried it but it supports the WRT54G and looks like it will
work. One catch, $50 shareware.

--
Jeff Liebermann
(E-Mail Removed)
150 Felker St #D
http://www.LearnByDestroying.com
Santa Cruz CA 95060
http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
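
Added example (not part of the original post, and not code from any of the tools mentioned): one way to filter router syslog output into a de-duplicated report of outbound web connections, following the "filtered (grep) into a report" suggestion above. The log lines are constructed and assume the firmware emits netfilter LOG-style KEY=value records with `br0` as the LAN interface; such records carry remote IP addresses, not URLs.

```python
import re
from collections import Counter

# Constructed sample syslog lines (not from the original post). Assumption:
# the router firmware logs firewall events as netfilter LOG-style KEY=value pairs.
SAMPLE_LOG = """\
Oct 27 13:01:02 192.168.1.1 kernel: ACCEPT IN=br0 OUT=vlan1 SRC=192.168.1.101 DST=203.0.113.10 LEN=60 PROTO=TCP SPT=1045 DPT=80
Oct 27 13:01:02 192.168.1.1 kernel: ACCEPT IN=br0 OUT=vlan1 SRC=192.168.1.101 DST=203.0.113.10 LEN=60 PROTO=TCP SPT=1046 DPT=80
Oct 27 13:01:05 192.168.1.1 kernel: ACCEPT IN=br0 OUT=vlan1 SRC=192.168.1.102 DST=198.51.100.7 LEN=60 PROTO=TCP SPT=2211 DPT=443
Oct 27 13:01:09 192.168.1.1 kernel: ACCEPT IN=br0 OUT=vlan1 SRC=192.168.1.101 DST=198.51.100.53 LEN=71 PROTO=UDP SPT=1050 DPT=53
Oct 27 13:01:11 192.168.1.1 kernel: DROP IN=vlan1 OUT= SRC=198.51.100.99 DST=192.0.2.4 LEN=40 PROTO=TCP SPT=4444 DPT=80
Oct 27 13:01:12 192.168.1.1 dnsmasq[88]: DHCPACK(br0) 192.168.1.102
"""

FIELD = re.compile(r"(\w+)=(\S*)")   # value may be empty, e.g. "OUT="
WEB_PORTS = {"80", "443"}            # HTTP and HTTPS


def parse_line(line):
    """Return the KEY=value fields of a firewall record, or None for other lines."""
    if "kernel:" not in line:
        return None
    fields = dict(FIELD.findall(line))
    return fields if {"SRC", "DST", "PROTO", "DPT"} <= fields.keys() else None


def web_report(log_text, lan_iface="br0"):
    """Count outbound web connections per (LAN host, remote IP, port).

    Collapsing repeats into a counter addresses the redundant-request problem:
    each destination appears once in the report, with a hit count.
    """
    hits = Counter()
    for line in log_text.splitlines():
        f = parse_line(line)
        if f is None or f.get("IN") != lan_iface:
            continue  # not a firewall record, or not traffic leaving the LAN
        if f["PROTO"] == "TCP" and f["DPT"] in WEB_PORTS:
            hits[(f["SRC"], f["DST"], f["DPT"])] += 1
    return hits


if __name__ == "__main__":
    for (src, dst, port), n in sorted(web_report(SAMPLE_LOG).items()):
        print(f"{src:15} -> {dst:15} port {port:3}  {n} connection(s)")
```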