Security Basics mailing list archives

Re: Sniffer and Network Analyzer - which one?


From: Isaac Perez Moncho <suscripcions () tsolucio com>
Date: Wed, 11 Jul 2007 20:40:54 +0200

Hi,
I think NTOP is the easiest of the three to install and use, because it is really easy to do. We used cacti, and I think it is more focused on monitoring network devices like routers, switches, etc., or monitoring servers. And it doesn't give any more info than that provided by the device that sends the SNMP. In your problematic switch it can tell you what happens at layer 2, 3 or 4. And opennms is for monitoring and taking actions on the network, to "manage" the network. I think that if you only want to know who is causing the problems and how they did it, the best option is NTOP, because it does exactly what you want and is very easy to run. You only need to install the package (I used it on opensuse and ubuntu) and place the device somewhere it can sniff all the traffic (for example, on a monitoring port of the problematic switch).
After that it starts collecting statistics about the traffic.
I think, for monitoring, cacti should be used for a larger monitoring plan. It's very useful.
And opennms is another matter.
I hope that helps you.



WALI wrote:
Hi

Following on a related conversation I have been thinking to ask this query for
quite a long time but kept delaying it, so here I am:

Are the three Open Source products http://cacti.net/ , OpenNMS and NTOP
catering to different needs?

A white paper published here: http://www.techsupportalert.com/r1525.htm
doesn't even list any of these three on its Top ten but they are most heard
in the technical forums.

Finally, within my LAN, which comprises 10 subnet VLANs and spans across
10 floors, what would be the best way to incorporate any of these?

Pls advise!





