Re: netflow tools

[s b <skullrockz () yahoo com>]

Hi

Thanks Mike they were useful articles on netflow. Is
anyone aware of any tool (pref open source) that
collects the data into a backend database. 

What we are trying to do is try and collate netflow
data of several routers in different locations. Thus
we want to filter out only selected fields of data to
be able to observe trends in them.

Regards

skullrockz

--- Mike <securitybasics () infinity77 net> wrote:

> Thanks Kelly, those articles on the securityfocus
> site definitely provided
> some useful information. I found 2 others sites I
> have found to be very good
> for making the most out of flow-tools, I just wanted
> to share them with the
> group.
http://www.giac.org/practical/GSEC/Matthew_Olney_GSEC.pdf
> http://www.linuxgeek.org/netflow-howto.php
>
> > On Thu, 7 Oct 2004, Mike wrote:
> >
> > > I mean, I already have the data being exported
> to a server with
> flowtools
> > > but I'm looking for more information about using
> flowtools to make it
> more
> > > informative.
> >
> > How about the recent Netflow article series we
> published on SecurityFocus,
> > written by Yimming Gong? It's focused on getting
> meaningful information by
> > filtering the data.
> >
> > Detecting Worms and Abnormal Activities with
> NetFlow, Part 1
> > http://www.securityfocus.com/infocus/1796
> >
> > Detecting Worms and Abnormal Activities with
> NetFlow, Part 2
> > http://www.securityfocus.com/infocus/1802
> >
> > If you're able to find a better set of articles
> than these, including
> > something in more detail, please let us know as I
> see opportunity for us
> > to publish more articles on this topic.



                
__________________________________
Do you Yahoo!?
Y! Messenger - Communicate in real time. Download now. 
http://messenger.yahoo.com