Security Basics mailing list archives
RE: W2K server "sniffer"
From: "James Lee Gromoll" <jgromoll () hotmail com>
Date: Mon, 02 Jun 2003 13:06:08 -0700
my $.02Ethereal on a seperate Linux or W2K box is about the best answer. Netmon is fine, but the one shipped with server only monitors traffic to and from the server. If you want to detect rogue traffic then the only real solution is a seperate box. Anyone who has ever run ethereal on a server in realtime mode can surely attest to some significant performance hit.
jlg _________________________________________________________________The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RE: W2K server "sniffer" Velasquez Venegas Jaime Omar (Jun 01)
- <Possible follow-ups>
- RE: W2K server "sniffer" James Lee Gromoll (Jun 02)