RE: Network Traffic Monitor

["JTH" <jth () visi com>]

Incidentally, this question was posed on Slashdot today with a good amount
of replies, over half of which are regarding Ethereal, but there are
others in there as well. 

> -----Original Message-----
> From: Eric Thirolle [mailto:edt1 () duke edu] 
> Sent: Wednesday, April 07, 2004 2:01 PM
> To: Jason Haith; securityfocus
> Subject: RE: Network Traffic Monitor
>
> There are many packet capture packages, like snort on Linux. 
> On Windows, there are some freeware options, like Ethereal or 
> AnalogX Packet Monitor. Of course, you would have to place 
> the Linux or Windows box somwehere to the outside of the 
> switches, with two NICs installed. You would get different IP 
> address info depending on whether you put it inside or 
> outside of the router, as the router is doing address translation.
>
> Alternatively, your may be able to monitor traffic on your 
> firewall or router. E.g., a Windows freeware app called 
> WallWatcher can monitor traffic on a Linksys router. Some are 
> monitorable via SNMP.
>
> Is that too basic? That just about exhausts my knowledge in this area.
>
> Eric
>
> -----Original Message-----
> From: Jason Haith [mailto:jhaith () genesissys com]
> Sent: Wednesday, April 07, 2004 8:38 AM
> To: securityfocus
> Subject: Network Traffic Monitor
>
>
> I'm curious if anyone knows of any software Windows or Linux 
> that can monitor all traffic going out of the network, 
> particularly any unusual traffic. I had a computer infected 
> with a mass mailing program that sent out enough traffic to 
> lock up my firewall the other day, which is also the firewall 
> for all our web/mail/app servers. Any ideas would be greatly 
> appreciated. Thanks in advance.
>
> Network Layout
> T1's > Router > Firewall > Switches > All servers and PC's
>
>
>
>
> Jason Haith
> Systems Administrator
> Genesis Systems
> 5712 S. 77th St
> Omaha, NE 68127
> Email: jhaith () genesissys com
>
>
> --------------------------------------------------------------
> -------------
> Ethical Hacking at the InfoSec Institute. Mention this ad and 
> get $545 off any course! All of our class sizes are 
> guaranteed to be 10 students or less to facilitate one-on-one 
> interaction with one of our expert instructors.
> Attend a course taught by an expert instructor with years of 
> in-the-field pen testing experience in our state of the art 
> hacking lab. Master the skills of an Ethical Hacker to better 
> assess the security of your organization.
> Visit us at:
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> --------------------------------------------------------------
> --------------
>
>
>
> ______________________________________________________________
> __________
> Delivered using the Free Personal Edition of Mailtraq 
> (www.mailtraq.com)
>
> --------------------------------------------------------------
> -------------
> Ethical Hacking at the InfoSec Institute. Mention this ad and 
> get $545 off any course! All of our class sizes are 
> guaranteed to be 10 students or less to facilitate one-on-one 
> interaction with one of our expert instructors. 
> Attend a course taught by an expert instructor with years of 
> in-the-field pen testing experience in our state of the art 
> hacking lab. Master the skills of an Ethical Hacker to better 
> assess the security of your organization. 
> Visit us at: 
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> --------------------------------------------------------------
> --------------


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------