Full Disclosure mailing list archives
Re: Considering nSight, any thoughts? (Final comment)
From: Steven Rakick <stevenrakick () yahoo com>
Date: Wed, 7 Sep 2005 11:46:23 -0700 (PDT)
Due to the number of emails I received off the list from students, I wanted to point something out. Intrusense sent out an email notice yesterday evening regarding the release of nSight 2.0. It appears they've adopted a new licensing model. Not only is their license no longer bound to a specific URL, but also they're offering free licenses for personal, educuational and otherwise non-commercial end users. I thought that was pretty cool. Steve --- Jeff Boston <nospam () techemail com> wrote: --------------------------------- Hi. Sorry for the delay in my response. Jason/Steven, I'd highly recommend this or other products like it. It's quite affordable and very easy to get running (although they need to create more documentation). We've been using the new version of nSight for approximately 2 months now and it's been quite useful and more so by the day. I'm learning that the more network information nSight collects, the more valuable it becomes. It's helped us identify the cause of several intermittent problems we've had for at least a year now because we were able to go back and look specifically at the point in time where the problem occured (2 times in 2 months). The problem was knocking off users from a few servers in our DMZ so we're happy it's been resolved. We also had a couple users who were doing a ton of pirated software uploads/downloads. We idenitified then within 30 minutes of installing nSight. That's about it. Email me off the list if you have any questions. J. Author: Steven Rakick Date: 2005-07-30 14:302005-07-30 18:30 -400UTC To: Jason Heschel, security-basics Subject: Re: Considering nSight, any thoughts? Jason, I did respond, but to another list. Here's my post just in case... - Jason, Been running nSight for a little over a year now with data purge after 13 months. We have 3 agents at remote offices with each inspecting the traffic of around 700-900 hosts. It's been quite helpful. We *had* a ton of P2P traffic in our networks. When we started out last year, we tried to host all 3 agents on a low end HP blade (with a laptop hd). After about 2 months it became very slow (mostly due to disk IO). We upgraded to a faster blade with fast SCSI disk and it's been flying along ever since. Also, according to another poster (Darrin Maidlow) on Full Disclosure, there is a beta program in place right now for nSight 2.0 at http://www.intrusense.com/products/beta. I'm not sure if you're evaluating 2.0 or 1.x. Steve --- Jason Heschel <jason.heschel () gmail com> wrote:
Hello list, We've spent the last few weeks evaluating nSight (a network analysis package from Intrusense) and are now considering making a purchase. I'm curious to hear any opinions, problems or praise people have for this software. Does it scale well? How does it perform after collecting several months worth of data? -jason
--------------------------------- Are you a Techie? Get Your Free Tech Email Address Now! Visit http://www.TechEmail.com ______________________________________________________ Click here to donate to the Hurricane Katrina relief effort. http://store.yahoo.com/redcross-donate3/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Considering nSight, any thoughts? (Final comment) Steven Rakick (Sep 07)