nv-l
[Top] [All Lists]

Use Netview/Optivity/DNS as WWW-Porno/Sex-Blocker

To: nv-l@lists.tivoli.com
Subject: Use Netview/Optivity/DNS as WWW-Porno/Sex-Blocker
From: Winfried Gehrig <Winfried.Gehrig@SKF.COM>
Date: Fri, 28 May 1999 14:45:38 +0100
Reply-to: Discussion of IBM NetView and POLYCENTER Manager on NetView <NV-L@UCSBVM.UCSB.EDU>
Sender: Discussion of IBM NetView and POLYCENTER Manager on NetView <NV-L@UCSBVM.UCSB.EDU>
Hello netview-folks around the planet,

we have big problems with overloaded WAN-links and routers due to massive
use of
Internet-surfing without business-related things.

I would like to use our Netview V5.1/Optivity 8.1.1/BIND-DNS-AIX-machine
for blocking users
with big usage of Internet-Porno-pages automatically with a small program
or script.

Manually I can block traffic carrying out the following steps:

1. Automatic watch of DNS-activity on DNS-system

kill -WINCH `cat /etc/named.pid` creates Name-resolution-Output in
syslog-file where
I can see IP-adress of user together with visited Internet-page.

For example:
May 28 13:58:40 schx00 named[38032]: XX /172.163.61.164/www.porno.com/A

May 28 13:58:49 schx00 named[38032]: XX /172.163.61.164/www.xxxstuff.de/A

May 28 13:58:49 schx00 named[38032]: XX /172.163.61.164/www.bigtits.de/A

May 28 13:58:57 schx00 named[38032]: XX /172.163.61.164/www.hardcore.com/A


2. Search automatically for certain key-words like tits, porno,hardcore,
naked, sex, dildo etc.

Any ideas from people with script-knowledge?

3. Resolve MAC-Adress of user surfing on Porno-pages:

SCHX00:/Ping 172.163.61.164
SCHX00:/ arp -a|grep 172.163.61.164



  schpc314.sch.skf.se (172.163.61.164) at 40:0:1:22:9:17 [token ring]
rt=6c0:213c:2a60

4. Use Optivity/Netatlas-Database to query the used Hub-port  for location
of MAC-address
Today I use Netatlas to search the MAC-adress-location in different
subnets.
I would like to do this from the command-line. Any ideas from BAY-experts ?

5. Wrap hub-port of PC using snmpset-command to disable PC-activity for 15
minutes

snmpset - t 5 -c private BAYHUB01 .1.3.6.1.4.1.45.1.3.3.3.1.1.3.1.14  would
 wrap ports permanently.

My intention is to put all these manual steps into a automatic script
activated by cron.
A file for keywords should be maintained manually.
A success/statistical output for number of ports blocked per hour or day
would be an extra feature.

Now my questions to the forum:

1. Has anybody setup such a script or can give me a hint how to do it ?
2. Does anybody know how one can ask the Optivity-database from the
commandline for
the Hub/Port-location of a given MAC- or IP-adress ?
3. Who knows the exact snmpset-command-syntax on AIX  for blocking ports
for 15 minutes instead of
blocking permanently for Bay-Hubs like 27xx,, 28xx, with advanced agent and
 810M with basic-agent.

Thank You for Your help in advance.

                      ```
                     (o o)
------------------oOO-(_)-OOo------------------
Winfried Gehrig         mailto:Winfried.Gehrig@skf.com
SKF GmbH                FON  ++49(0)9721 56 3077
Schweinfurt(Germany)    FAX  ++49(0)9721 56 3266

Our bearings turn the planet
http://www.skf.com
-----------------------------------------------

<Prev in Thread] Current Thread [Next in Thread>

Archive operated by Skills 1st Ltd

See also: The NetView Web