RE: Network Traffic Monitor

["Kamran Muzaffer" <kmahmed () cyber net pk>]

Looking at all the replies to date, I feel the stress of all the replies
was more on *packet capturing* which is a bit different than *traffic
monitoring*, which Jason is looking for. I had faced the similar type of
issues in the past where ethernet of some machines looked extremely busy
and generating a lot of traffic even when all the usual services and
applications were stopped. 

For monitoring purposes I prefer sysinternals' utilities available at
http://www.sysinternals.com/ntw2k/utilities.shtml on windows platform
which can provide you the details of your machine utilization in many
different ways. For tracking the inbound and outbound traffic with
source destination address and ports info, I recommend installing some
host based firewall on Windows machines, like Tiny Personal Firewall.
Its status window provides all the information which you need to know
about the network traffic of your machine.

Regards,
Kamran Muzaffer
System Security Engineer
Cyber Internet Services (Pvt.) Ltd. 
http://www.cyber.net.pk 
Karachi, Pakistan 

-----Original Message-----
From: Jason Haith [mailto:jhaith () genesissys com] 
Sent: Wednesday, April 07, 2004 5:38 PM
To: securityfocus
Subject: Network Traffic Monitor

I'm curious if anyone knows of any software Windows or Linux that can
monitor all traffic going out of the network, particularly any unusual
traffic. I had a computer infected with a mass mailing program that sent
out
enough traffic to lock up my firewall the other day, which is also the
firewall for all our web/mail/app servers. Any ideas would be greatly
appreciated. Thanks in advance.

Network Layout
T1's > Router > Firewall > Switches > All servers and PC's




Jason Haith
Systems Administrator
Genesis Systems
5712 S. 77th St
Omaha, NE 68127
Email: jhaith () genesissys com


------------------------------------------------------------------------
---
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off 
any course! All of our class sizes are guaranteed to be 10 students or
less 
to facilitate one-on-one interaction with one of our expert instructors.

Attend a course taught by an expert instructor with years of
in-the-field 
pen testing experience in our state of the art hacking lab. Master the
skills 
of an Ethical Hacker to better assess the security of your organization.

Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
----


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------