Security Basics mailing list archives
Re: Sniffer and Network Analyzer - which one?
From: Isaac Perez Moncho <suscripcions () tsolucio com>
Date: Wed, 11 Jul 2007 20:40:54 +0200
Hi,I think NTOP is the most easy to use-install of the three, because is really easy to do it. We used cacti and I think is more focused on monitoring network devices like routers, switchs, etc.. or monitoring servers. And it doesn't give any more info that the provided by the device that sends the snmp. In your problematic switch it can say you what happens in layer 2, 3 or 4. And opennms is for monitoring and do actions with the network, "manage" the network. I think that if you only want to know who is causing the problems and how it did the best option is NTOP. Because it does exactly what you want and is very easy to run it. You only should install the package (I used in opensuse and ubuntu) and place the device in a place that can sniff all the traffic (by example in a monitoring port of the problematic switch).
After that it start collecting statistics about the traffic.I think, for monitoring, cacti should be used for a more large monitoring plan. It's very useful.
And opennsm is other matter. I wish that helps you. En/na WALI ha escrit:
HiFollowing on a related conversation I have been thinking to ask this query forquite a long time but kept delaying it, so here I am: Are the three Open Source products http://cacti.net/ , OpenNMS and NTOP catering to different needs? A white paper published here: http://www.techsupportalert.com/r1525.htmdoesn't even list any of these three on it's Top ten but they are most heardin the technical forums.Finally, within my LAN, that comprises of 10 subnet VLANs and spans across10 floors, what would be the best way to incorporate any of these? Pls advise!
Current thread:
- Sniffer and Network Analyzer - which one? WALI (Jul 11)
- Re: Sniffer and Network Analyzer - which one? Isaac Perez Moncho (Jul 11)
- Re: Sniffer and Network Analyzer - which one? Kurt Buff (Jul 11)
- Re: Sniffer and Network Analyzer - which one? Michael Painter (Jul 12)