RE: Protocol accounting analysis program?

["Tenorio, Leandro" <LTenorio () intelaction com>]

        There're at least 3 different ways to do that, if you need it
for internet connections your firewall can do that using either using
syslog or build in reporting, for internal user you could also use RMON
on any SNMP/RMON capable switch, the last one, you could use any packet
snifer on windows / linux to do the trick, I'm using a combination of
the first two @ our site.

  

-----Original Message-----
From: Rock Lobster [mailto:rocklobster () cheerful com] 
Sent: Thursday, December 02, 2004 5:18 PM
To: honeypots () securityfocus com
Subject: Protocol accounting analysis program?




Hi,

Whats everyone out there using to account for the amount of traffic
different protocols are generating?

I just can't seem to find an application (linux or windows) that will do
the trick.   I can find plenty of applications that will let me know the
quantity of traffic that is ultimately flowing in and out of my
interfaces, but I want something that lets me know how much traffic
http, ftp, irc, rpc, or whatever I flag generates.

Preferably somethinng I can monitor through http too :)

I've checked freshmeat, deja/google etc relentlessly.