RE: Network Traffic Monitor

["Eric Thirolle" <edt1 () duke edu>]

There are many packet capture packages, like snort on Linux. On Windows,
there are some freeware options, like Ethereal or AnalogX Packet Monitor. Of
course, you would have to place the Linux or Windows box somwehere to the
outside of the switches, with two NICs installed. You would get different IP
address info depending on whether you put it inside or outside of the
router, as the router is doing address translation.

Alternatively, your may be able to monitor traffic on your firewall or
router. E.g., a Windows freeware app called WallWatcher can monitor traffic
on a Linksys router. Some are monitorable via SNMP.

Is that too basic? That just about exhausts my knowledge in this area.

Eric

-----Original Message-----
From: Jason Haith [mailto:jhaith () genesissys com]
Sent: Wednesday, April 07, 2004 8:38 AM
To: securityfocus
Subject: Network Traffic Monitor


I'm curious if anyone knows of any software Windows or Linux that can
monitor all traffic going out of the network, particularly any unusual
traffic. I had a computer infected with a mass mailing program that sent out
enough traffic to lock up my firewall the other day, which is also the
firewall for all our web/mail/app servers. Any ideas would be greatly
appreciated. Thanks in advance.

Network Layout
T1's > Router > Firewall > Switches > All servers and PC's




Jason Haith
Systems Administrator
Genesis Systems
5712 S. 77th St
Omaha, NE 68127
Email: jhaith () genesissys com


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------



________________________________________________________________________
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------