Security Basics mailing list archives
Re: Network Traffic Monitor
From: Miguel Ángel Pérez Muñoz <g-andromeda () iespana es>
Date: Thu, 8 Apr 2004 11:17:40 +0200
I think that better solution is sniffing all packets which remote point are port 109, 110 and 25 (pop2, pop3 and smtp ports). One of your host have a lot of conections, this is the host infected, but if you try this method, the sniffer needs to be instaled between firewall and switches: T1's > Router > Firewall > Switches > All servers and PC's ^ Sniffer. ----- Original Message ----- From: "Jason Haith" <jhaith () genesissys com> To: "securityfocus" <security-basics () securityfocus com> Sent: Wednesday, April 07, 2004 2:37 PM Subject: Network Traffic Monitor
I'm curious if anyone knows of any software Windows or Linux that can monitor all traffic going out of the network, particularly any unusual traffic. I had a computer infected with a mass mailing program that sent
out
enough traffic to lock up my firewall the other day, which is also the firewall for all our web/mail/app servers. Any ideas would be greatly appreciated. Thanks in advance. Network Layout T1's > Router > Firewall > Switches > All servers and PC's Jason Haith Systems Administrator Genesis Systems 5712 S. 77th St Omaha, NE 68127 Email: jhaith () genesissys com --------------------------------------------------------------------------
-
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or
less
to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html --------------------------------------------------------------------------
--
---Publicidad-------------------------------------------------------- Únete a los miles de sin pareja en Meetic... ¡te vas a enamorar! http://www.iespana.es/_reloc/email.meetic
---Publicidad-------------------------------------------------------- Juega con Ventura24.es, lotería inteligente y multiplica tus posibilidades!! http://www.iespana.es/_reloc/email.ventura --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Network Traffic Monitor Jason Haith (Apr 07)
- Re: Network Traffic Monitor C . Brauckmiller (Apr 07)
- RE: Network Traffic Monitor Burton M. Strauss III (Apr 08)
- RE: Network Traffic Monitor Eric Thirolle (Apr 07)
- RE: Network Traffic Monitor JTH (Apr 08)
- Re: Network Traffic Monitor Miguel Ángel Pérez Muñoz (Apr 08)
- <Possible follow-ups>
- RE: Network Traffic Monitor Shawn Jackson (Apr 07)
- RE: Network Traffic Monitor Kamran Muzaffer (Apr 12)
- Re: Network Traffic Monitor C . Brauckmiller (Apr 07)