Community discussions

 
simonetmp
just joined
Topic Author
Posts: 14
Joined: Wed Jun 05, 2013 2:12 am

Monitor Traffic/Resolve IP Address to Hostnames

Sun Jan 19, 2014 8:40 pm

I've been looking for a way to do this for awhile and still haven't found a solid way to do so. Is there a way to either in real time or through a log, keep track of what websites which hosts are visiting? I know there are all sorts of ways in RouterOS you can view connections and there is the packet sniffer etc....but none of these resolve the ip to a hostname so to really see what they are visiting I have to track who that ip belongs to.

Any ideas?

Thanks in advance,
Matt
 
User avatar
dasiu
Trainer
Trainer
Posts: 232
Joined: Fri Jan 30, 2009 11:41 am
Location: Reading, UK
Contact:

Re: Monitor Traffic/Resolve IP Address to Hostnames

Mon Jan 20, 2014 2:01 am

1. Enable webproxy (/ip proxy set enabled=yes)
2. Let all HTTP traffic go through the webproxy (/ip firewall nat add chain=dstnat action=redirect dst-port=80 protocol=tcp to-port=8080)
3. Just log the "webproxy,!debug" - /system logging add topics=web-proxy,!debug action=... (disk, probably)
- that's all :)
 
sharonw
just joined
Posts: 1
Joined: Wed Jan 22, 2014 7:21 am

Re: Monitor Traffic/Resolve IP Address to Hostnames

Wed Jan 22, 2014 8:29 am

There are many methods to track IP address of a host like:

• Open Command Prompt/terminal in Windows/MAC system.
• Ping web address of the host like ping http://www.facebook.com
• Press Enter and the IP address of the site will be displayed.

However this method can be implemented when you want to track IP of 2-3 websites. Tracking IP detail of every host needs a Web proxy on your server. Enable web proxy and allow it to track each and every user/host IP that are visiting your network. This will allow you to track web spam and bot traffic as well. Any unusual traffic coming from particular source can be regarded as a spam traffic which is dangerous for a server/host/website. You can prevent those web spam and bot traffic with the help of services like ScrapeSentry, ScrapeDefender, Distil Network, ScrapeShield etc.

Who is online

Users browsing this forum: No registered users and 89 guests