Snort mailing list archives

Re: Basic snort setup for traffic analysis

From: Erek Adams <erek () theadamsfamily net>
Date: Mon, 30 Sep 2002 07:14:57 -0700 (PDT)

On Mon, 30 Sep 2002, Nanabhay Mohamed    * Group  (GP) wrote:

I want to run snort on a network for about 5 days and then use snortsnarf
(or anything else someone can recommend) to analyse what sort of traffic is
going through the network.


[...snip...]

You're using the wrong tool.  :)

Use Ntop[0] or iptraf[1].  They should show you exactly what's going on.

Cheers!

-----
Erek Adams
Nifty-Type-Guy
TheAdamsFamily.Net


[0]     http://freshmeat.net/projects/ntop/?topic_id=152
[1]     http://freshmeat.net/projects/iptraf/?topic_id=152



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Basic snort setup for traffic analysis Nanabhay Mohamed * Group (GP) (Sep 30)
- Re: Basic snort setup for traffic analysis Erek Adams (Sep 30)