Hi list, I just want to let everyone know that OSSEC (an open source project for log analysis) now supports squid logs. Some of the things you can detect by analyzing your squid logs are presented in the following document (still a draft): http://www.ossec.net/en/loganalysis.html#proxy "2 - Proxy log analysis 2.1 - Internal users scanning or attacking outside systems. 2.2 - Internal users with worms, trojans or virus. 2.3 - Invalid users in the network. 2.4 - Proxy misuse or access violations. 2.5 - Policy violations. " Ossec web site: http://www.ossec.net Hope it can be useful! Thanks, -- Daniel B. Cid dcid @ ( at ) ossec.net _______________________________________________________ Abra sua conta no Yahoo! Mail: 1GB de espaço, alertas de e-mail no celular e anti-spam realmente eficaz. http://br.info.mail.yahoo.com/
