Security Basics mailing list archives
Re: Bandwidth monitor/management
From: "Paul Halliday" <paul.halliday () gmail com>
Date: Mon, 3 Apr 2006 21:10:29 -0300
You might want to look into using NetFlow. You can export flows from a router or mimic the flow records with an instance of something like fprobe running on a UNIX machine: http://fprobe.sourceforge.net/ The later is typically connected to a TAP or span port. You can then use flow-tools to extract the data you need: http://www.splintered.net/sw/flow-tools/ There is also a nice package that webifies the process (has graphs too): http://ensight.eos.nasa.gov/FlowViewer/ It is trivial to maintain years of data NetFlow. On 3/31/06, Keenan Smith <kc_smith () clark net> wrote:
Since a discussion on MRTG is ongoing, my reading of the docs indicate that it has to be pointed at an SNMP host to work properly. I was looking for something that simply monitored net traffic and reported on load, utilization, etc. Am I misunderstanding what MRTG does or just net monitoring in general? Thanks in advance Keenan Smith -----Original Message----- From: Gettin Phunky [mailto:phunkodelic () gmail com] Sent: Friday, March 31, 2006 9:52 AM To: craig () codestorm org Cc: security-basics () securityfocus com Subject: Re: Bandwidth monitor/management We use MRTG too. Easy to setup and opensource. Can use it to monitor all kinds of stuff. On 3/29/06, Craig Van Tassle <craig () codestorm org> wrote:On Tue, March 28, 2006 11:28 pm, anon () somefin de wrote:I hope this is the right list to post this. we are looking for hardware bandwidth monitoring/management solution. Has any of you have experince with that ? Another thing i want to know is in which sceneario a hardware bandwidth solution should be deployed? ie it should be deployed after or before the firewall in the network or it should be deployed in the lan ? any inputs are appreciated. Thanks in advance.Well it all depends on what exacly you are watching for? You are looking to see what is going in/out from the lan to the internet or howmuch traffic is being stopped from your firewall. It all depends really on waht exacly you want to do. ---------------------------------------------------------------------- ----- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business ContinuityPlanning,Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------- -------------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus --------------------------------------------------------------------------- --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
--------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Re: Re: Bandwidth monitor/management nedsonconde (Apr 03)
- <Possible follow-ups>
- RE: Bandwidth monitor/management Charles Hammett (Apr 03)
- RE: Bandwidth monitor/management Keenan Smith (Apr 03)
- RE: Bandwidth monitor/management Craig Van Tassle (Apr 03)
- RE: Bandwidth monitor/management David Gillett (Apr 03)
- RE: Bandwidth monitor/management Burton Strauss (Apr 03)
- Re: Bandwidth monitor/management Paul Halliday (Apr 04)
- RE: Bandwidth monitor/management Brian Bemis (Apr 03)
- Re: Re: Bandwidth monitor/management molshoop (Apr 03)
- Re: Bandwidth monitor/management Peter Morgan (Apr 03)
- RE: Bandwidth monitor/management Jennifer Jabbusch (jj) (Apr 04)