2011-10-11 - Re: [GRASE-Hotspot] Re Logging

Header Data

From: Tim White <ti***8@gmail.com>
Message Hash: 2b0bbd5f379b991dafeea6e55527ddd04d0128870fd25560c406a09d774a2627
Message ID: <4E94AB61.1080003@gmail.com>
Reply To: <CAPfECMEtBQPCvgDVgPQtA+fvwZiqW75+8bLan_4jZN70xVLb8A@mail.gmail.com>
UTC Datetime: 2011-10-11 13:47:29 UTC
Raw Date: Wed, 12 Oct 2011 06:47:29 +1000

Raw message 

It's interesting that you say all you need is ip, time and url. For 
example, if someone downloads a torrent file (which is the most common 
way of downloading movies atm), and then actually downloads the movie 
via bittorrent while on your connect, you won't have anything in your 
logs to show. All the torrent traffic is on ports other than 80, and 
don't involve a url at all. (And lots of torrents are now trackerless, 
so no url's from the tracker connection ether).

Ether way, look at setting up a cron job to copy the squid logs once a 
month and you should have plenty of ips, times and urls from that! If 
you go through the database backups too, you'll even be able to match 
the ip to a mac address.

Tim

On 12/10/11 05:11, Marty Thompson wrote:
> Have been told from a legal type
> they need 6 months of data retenion
> all they need is ip time date and url visited not got any other data
> he said because of all the movie suing going around
> the reason as last week a person got around our wireless settings in 
> motel and downloaded 50 gig in 3 days
> all i have to do is put a disclaimer on logging page and i am covered
> well thats in aus anyway
> cheers
>
>
> ------------------------------------------------------------------------------
> All the data continuously generated in your IT infrastructure contains a
> definitive record of customers, application performance, security
> threats, fraudulent activity and more. Splunk takes this data and makes
> sense of it. Business sense. IT sense. Common sense.
> http://p.sf.net/sfu/splunk-d2d-oct
>
>
> _______________________________________________
> Grase-hotspot mailing list
> Gr***t@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/grase-hotspot

Thread