Re: What tool? Fastest way to generate port info to build acl protection?

[G Ramon Gomez <gene () gomezbrothers com>]

Turnquist,Wayne wrote:

> 1st Goal: To map-document all systems and business traffic that needs to cross to/from our site.
> 2nd Goal: Create cisco acl to install on our router to permit for now all needed ports for goal number 1 and deny 
> everything else
> 3rd Goal: Modify goal number 2 acl's to include the source and destination ip numbers
>
> Looking: for the best/fastest low cost way to generate the info for goal number 1.
>
> Is there a app (prefer windows app if there is one) that can be ran in sniffer mode on my hubs that could generate all 
> ports being used, port-ip, port-dest-ip, etc where i could then quickly come up with our business model traffic pattern 
> to create a baseline acl security?
>  
I'd recommend ntop (http://www.ntop.org).  It's perfect for this sort of 
single network data mining.


-------------------------------------------------------
This SF.Net email is sponsored by the JBoss Inc.  Get Certified Today
Register for a JBoss Training Course.  Free Certification Exam
for All Training Attendees Through End of 2005. For more info visit:
http://ads.osdn.com/?ad_id=7628&alloc_id=16845&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users