Security Basics mailing list archives

Re: network audit


From: "Talisker" <offthecuff () lineone net>
Date: Mon, 10 Mar 2003 18:42:52 -0000

Hi Avi
In order to achieve what you are looking for you need a packet sniffer or
protocol analyser. They store the information in a variety of formats, but a
SQL query will make short work of feeding them into a database.

Ethereal is free and rocks; other people prefer tools like TCPdump or Snort.  If
it's a commercial tool I personally like Iris as you can manipulate the
packets and replay them but also worthy of note are Sniffer, and Network
Observer, Shomiti Surveyor and Fluke.  Plus a load more that I can't
remember off the top of my head.

I tried and failed to put up a page listing them all, but the above should
help get you started.

take care
-andy
Taliskers Network Security Tools
http://www.networkintrusion.co.uk




----- Original Message -----
From: "avi koren" <avikoren () fastmail fm>
To: <security-basics () securityfocus com>
Sent: Sunday, March 09, 2003 4:45 PM
Subject: network audit


Hello,

I'd like to record network traffic for later analysis. I want to record
all the packets including their data.
I prefer logging it to a database, though files are welcomed too (that's
assuming I can later insert 'em into a database).
Can anyone recommend a good product? (commercial and non-commercial are
both welcomed)

thank you.
--
  avi koren
  avikoren () fastmail fm

--
http://www.fastmail.fm - Faster than the air-speed velocity of an
                          unladen european swallow
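
Added example, not part of either message: the step described in the reply, feeding a stored capture into a database, written in Python for the classic libpcap capture file format (what tcpdump -w writes). The SQLite table layout, the function names and the two-packet sample capture are assumptions constructed for illustration.

```python
import io
import sqlite3
import struct
from ipaddress import IPv4Address

def read_pcap(stream):
    """Yield (timestamp, wire_length, frame) from a classic libpcap file."""
    header = stream.read(24)
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(header[:4])
    if endian is None or len(header) < 24:
        raise ValueError("not a classic microsecond-resolution pcap file")
    if struct.unpack(endian + "I", header[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    while True:
        rec = stream.read(16)
        if len(rec) < 16:
            return
        ts_sec, ts_usec, incl_len, orig_len = struct.unpack(endian + "IIII", rec)
        frame = stream.read(incl_len)
        if len(frame) < incl_len:
            return  # truncated final record: the capture was cut off mid-write
        yield ts_sec + ts_usec / 1e6, orig_len, frame

def ipv4_fields(frame):
    """Return (src, dst, protocol) of an untagged IPv4 frame (IP header at byte 14)."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None, None, None
    return str(IPv4Address(frame[26:30])), str(IPv4Address(frame[30:34])), frame[23]

def load_into_db(stream, db_path=":memory:"):
    """Store every packet, raw bytes included, and return the open connection."""
    db = sqlite3.connect(db_path)
    db.execute("CREATE TABLE IF NOT EXISTS packets (ts REAL, wire_len INTEGER,"
               " src TEXT, dst TEXT, proto INTEGER, frame BLOB)")
    rows = ((ts, n, *ipv4_fields(f), f) for ts, n, f in read_pcap(stream))
    db.executemany("INSERT INTO packets VALUES (?, ?, ?, ?, ?, ?)", rows)
    db.commit()
    return db

def sample_capture():  # constructed two-packet capture, not real traffic
    def frame(src, dst, proto, payload):
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                         proto, 0, IPv4Address(src).packed, IPv4Address(dst).packed)
        return b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + payload
    frames = [frame("192.0.2.10", "198.51.100.5", 6, b"\x00" * 8),
              frame("198.51.100.5", "192.0.2.10", 17, b"\x00" * 4)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", 1047321772 + i, 500000, len(f), len(f)) + f
    return io.BytesIO(out)
```

Keeping the raw frame in the BLOB column alongside the parsed fields means later analysis can re-parse with a fuller decoder without going back to the capture file.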

