Re: sniffers

["Harrison Holland" <harrisonholland () gmail com>]

Ethereal is a very useful tool for getting a grasp on your network,
however the most important part is (as you said) to understand what
you are looking for.  I'd recommend a great introduction to packet
forensics which can be found here:

http://www.securityfocus.com/infocus/1845

Definitely a good read.

Harrison

On 2/27/06, John Patota <john.patota () gmail com> wrote:
> Using ethereal you can set up monitors in different problem spots on
> the network. You can analyze the flow of traffic first ruling out the
> possibility that someone inside can have a virus or is downloading
> excessive amounts of material. Once you are certain the traffic is
> legit, you have a load balancing problem you can address by reshaping
> your topology based on the current bandwidth requirements,
> anticipating what future needs will be as best you can to head off any
> forthcoming issues.
>
> A good idea is to have a proactive approach to network monitoring.
> Snort is a good tool for identifying not only malicious activity, but
> when configured properly, can give you fair idea of traffic analysis
> as well.
>
>
> - John Patota
>
> On 2/25/06, Bilal Abdullah Fakhruddin <bilal () etainfotech com> wrote:
> > Hello,
> >
> > Recently I am facing problems in my network. Sometimes the network is fast
> > and sometimes it is slow. Im a bit familiar with Ethereal, but i dont know
> > what I am looking for. Could anybody help me out by pointing out where i
> > could start or to any documents available? Thanks in advance.
> >
> > Regards,
> >
> > Bilal
> >
> >
> >
> > ---------------------------------------------------------------------------
> > EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
> > The Norwich University program offers unparalleled Infosec management
> > education and the case study affords you unmatched consulting experience.
> > Tailor your education to your own professional goals with degree
> > customizations including Emergency Management, Business Continuity Planning,
> > Computer Emergency Response Teams, and Digital Investigations.
> >
> > http://www.msia.norwich.edu/secfocus
> > ---------------------------------------------------------------------------
>
> ---------------------------------------------------------------------------
> EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
> The Norwich University program offers unparalleled Infosec management
> education and the case study affords you unmatched consulting experience.
> Tailor your education to your own professional goals with degree
> customizations including Emergency Management, Business Continuity Planning,
> Computer Emergency Response Teams, and Digital Investigations.
>
> http://www.msia.norwich.edu/secfocus
> ---------------------------------------------------------------------------

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------