RE: Net Flows and Analysis tools

["Barry Raveendran Greene" <bgreene () cisco com>]

Hello Alex,

Check out work on the following:

NLANR's work on real time flow analysis (links off of http://www.nlanr.net)

The IETF RTFM Work (overview at http://www.ietf.org with details at
http://www.auckland.ac.nz/net/Internet/rtfm/)

NeTraMet - A nice tools used by many ISPs
(http://www.auckland.ac.nz/net/Accounting/ntm.Release.note.html)


Barry


> -----Original Message-----
> From: owner-nanog () merit edu [mailto:owner-nanog () merit edu]On Behalf Of
> Pete Kruckenberg
> Sent: Monday, January 11, 1999 8:51 AM
> To: nanog () merit edu
> Subject: Re: Net Flows and Analysis tools
>
>
> On Sun, 10 Jan 1999 alex () nac net wrote:
>
> > I am looking for some real-time net flow and analysis tools.
> >
> > If anyone has any pointers, I'd appreciate it.
> >
> > Something like Cisco Netflow, but that doesn't require a Cisco Router
> > to capture (ie, a Unix box with promiscuous ethernets instead).
>
> One that seems to be pretty good is Network Flight Recorder (
> http://www.nfr.com ). This can run on an affordable Intel or Sparc box,
> and for internal private use, it's free (and somewhat limited in speed).
> There are also some (free)  modules for it at loPht ( http://www.L0pht.com
> -- make sure you get L"zero"pht.com, or you'll get a nice surprise).
>
> NFR is a general-purpose platform for network analysis and reporting, but
> it seems that right now it is most well-known for security analysis and
> detection. The cool thing about it is that you can write your own modules
> (that's one of the intents of the samples at L0pht.com).
>
> Pete Kruckenberg
> http://pete.kruckenberg.com/resume