Security Basics mailing list archives
RE: Network Traffic Monitor
From: "Eric Thirolle" <edt1 () duke edu>
Date: Wed, 7 Apr 2004 15:01:13 -0400
There are many packet capture packages, like snort on Linux. On Windows, there are some freeware options, like Ethereal or AnalogX Packet Monitor. Of course, you would have to place the Linux or Windows box somwehere to the outside of the switches, with two NICs installed. You would get different IP address info depending on whether you put it inside or outside of the router, as the router is doing address translation. Alternatively, your may be able to monitor traffic on your firewall or router. E.g., a Windows freeware app called WallWatcher can monitor traffic on a Linksys router. Some are monitorable via SNMP. Is that too basic? That just about exhausts my knowledge in this area. Eric -----Original Message----- From: Jason Haith [mailto:jhaith () genesissys com] Sent: Wednesday, April 07, 2004 8:38 AM To: securityfocus Subject: Network Traffic Monitor I'm curious if anyone knows of any software Windows or Linux that can monitor all traffic going out of the network, particularly any unusual traffic. I had a computer infected with a mass mailing program that sent out enough traffic to lock up my firewall the other day, which is also the firewall for all our web/mail/app servers. Any ideas would be greatly appreciated. Thanks in advance. Network Layout T1's > Router > Firewall > Switches > All servers and PC's Jason Haith Systems Administrator Genesis Systems 5712 S. 77th St Omaha, NE 68127 Email: jhaith () genesissys com --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ---------------------------------------------------------------------------- ________________________________________________________________________ Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com) --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Network Traffic Monitor Jason Haith (Apr 07)
- Re: Network Traffic Monitor C . Brauckmiller (Apr 07)
- RE: Network Traffic Monitor Burton M. Strauss III (Apr 08)
- RE: Network Traffic Monitor Eric Thirolle (Apr 07)
- RE: Network Traffic Monitor JTH (Apr 08)
- Re: Network Traffic Monitor Miguel Ángel Pérez Muñoz (Apr 08)
- <Possible follow-ups>
- RE: Network Traffic Monitor Shawn Jackson (Apr 07)
- RE: Network Traffic Monitor Kamran Muzaffer (Apr 12)
- Re: Network Traffic Monitor C . Brauckmiller (Apr 07)