Security Basics mailing list archives
Re: sniffers
From: "Harrison Holland" <harrisonholland () gmail com>
Date: Tue, 28 Feb 2006 14:22:40 -0500
Ethereal is a very useful tool for getting a grasp on your network, however the most important part is (as you said) to understand what you are looking for. I'd recommend a great introduction to packet forensics which can be found here: http://www.securityfocus.com/infocus/1845 Definitely a good read. Harrison On 2/27/06, John Patota <john.patota () gmail com> wrote:
Using ethereal you can set up monitors in different problem spots on the network. You can analyze the flow of traffic first ruling out the possibility that someone inside can have a virus or is downloading excessive amounts of material. Once you are certain the traffic is legit, you have a load balancing problem you can address by reshaping your topology based on the current bandwidth requirements, anticipating what future needs will be as best you can to head off any forthcoming issues. A good idea is to have a proactive approach to network monitoring. Snort is a good tool for identifying not only malicious activity, but when configured properly, can give you fair idea of traffic analysis as well. - John Patota On 2/25/06, Bilal Abdullah Fakhruddin <bilal () etainfotech com> wrote:Hello, Recently I am facing problems in my network. Sometimes the network is fast and sometimes it is slow. Im a bit familiar with Ethereal, but i dont know what I am looking for. Could anybody help me out by pointing out where i could start or to any documents available? Thanks in advance. Regards, Bilal --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ------------------------------------------------------------------------------------------------------------------------------------------------------ EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
--------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Re: sniffers Harrison Holland (Mar 01)
- Re: sniffers Michel Pereira (Mar 03)