WFA and network forensics

From: J (jjhorner@SAFe-mail.net)
Date: Tue Jul 29 2003 - 09:22:47 PDT

    I'm not sure if this is the right place for this, but I'm giving it a shot anyway.
    
    I've got web traffic logs for our users.  In a WFA case, I need to be able to pull an individual employee's activity out of our logs and categorize the sites visited by said soon-to-be-ex-employee by site type.  For instance:
    
    safe-mail.net  = Web-based email
    google.com     = Search site
    foxnews.com    = News
    weather.com    = Weather
    whitehouse.com = Adult entertainment
    
    I know a lot of the filtering suites out there do this kind of categorization, but I just need a good, often-updated category list by domain name so that I can grab the connection request heading to an IP and do a rough categorization based on what that IP resolves to.
    
    I also want to roll this category list into our post-WFA forensic analysis procedures so I can give a categorized report along with the actual system and evidence images.
    
    Any ideas?
    
    I figure this roughly fits into the kind of work some of us do, a.k.a. finding out what people do when they use our computers in ways that aren't intended.
    
    
    Thanks,
    JJ
    
    ---------------------
    J. J. Horner
    CISSP,CCNA,CHSS,CHP
    
    -----------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
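    The workflow described above (filter one user's requests, resolve the destination IPs, bucket them by a domain category list), as an added example that is not part of the original post. The log format, the category list, and the IP-to-hostname table are all constructed here so that it runs offline; a live version would load a maintained category list and call socket.gethostbyaddr() in place of PTR_TABLE.

```python
from collections import defaultdict

# Constructed category list keyed by registrable domain (stand-in for the
# externally maintained list the post asks about).
CATEGORIES = {
    "safe-mail.net": "Web-based email",
    "google.com": "Search site",
    "foxnews.com": "News",
    "weather.com": "Weather",
    "whitehouse.com": "Adult entertainment",
}

# Constructed stand-in for reverse DNS so the example runs offline.
PTR_TABLE = {
    "192.0.2.10": "mail.safe-mail.net",
    "192.0.2.20": "www.google.com",
    "192.0.2.30": "www.foxnews.com",
    "192.0.2.50": "www.whitehouse.com",
}

# Constructed log lines: "timestamp user client_ip dest_ip" (TEST-NET-1 addresses).
SAMPLE_LOG = """\
2003-07-29T09:01:02 jdoe 10.1.1.5 192.0.2.20
2003-07-29T09:01:09 jdoe 10.1.1.5 192.0.2.20
2003-07-29T09:02:30 asmith 10.1.1.6 192.0.2.30
2003-07-29T09:03:11 jdoe 10.1.1.5 192.0.2.50
2003-07-29T09:04:00 jdoe 10.1.1.5 192.0.2.99
"""

def categorize_host(host, categories=CATEGORIES):
    """Walk from the full hostname up through its parent domains, so that
    www.google.com matches the google.com entry."""
    labels = host.lower().rstrip(".").split(".")
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in categories:
            return categories[candidate]
    return "Uncategorized"

def categorized_report(log_text, user, ptr=PTR_TABLE):
    """Return {category: {hostname_or_ip: hits}} for one user's requests.
    Destinations that do not reverse-resolve are kept under 'Unresolved'
    rather than dropped, so the report stays complete."""
    report = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4 or fields[1] != user:
            continue
        host = ptr.get(fields[3])
        if host is None:
            report["Unresolved"][fields[3]] += 1
        else:
            report[categorize_host(host)][host] += 1
    return {cat: dict(hosts) for cat, hosts in report.items()}
```

    Because reverse DNS is resolved after the fact and one address can serve many names, keep the raw IPs and timestamps in the evidence record next to the categorized summary.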
    This archive was generated by hypermail 2b30 : Tue Jul 29 2003 - 11:21:24 PDT