Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: netflow

From: Joel Rosenblatt <joel () COLUMBIA EDU>
Date: Tue, 31 Mar 2009 12:32:46 -0400
Yes .. check out <http://www.caida.org/tools/utilities/flowscan/> download here 
<http://www.caida.org/tools/measurement/cflowd/>

Thanks,
Joel Rosenblatt

Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel


--On Tuesday, March 31, 2009 12:20 PM -0400 Peter Charbonneau <Peter.Charbonneau () WILLIAMS EDU> wrote:


Jason,

   I would be interested to read what answers you get.  Would you summarize to the list?

p

On Mar 31, 2009, at 11:50 AM, Youngquist, Jason R. wrote:


I was wondering if anyone uses any free/Open Source netflow products
to capture netflow information.  We currently have a commercial
product which captures netflows and has Network Behavioral Anomaly
Detection (NBAD) capability, but I'm looking at alternatives.  We
are already using MRTG (and Cacti) to get bandwidth information, so
I'm looking for netflow tools that have the capability to dig deeper
into the flow data, ie. to zoom into a traffic spike and determine
the "top talker(s)" for the particular time period, the port,
destination IP, etc.

Please email me directly if you use a neflow application (Open
Source or commercial) which has good analysis capability.



Thanks.
Jason Youngquist
jryoungquist () ccis edu





PeteC


Peter Charbonneau
Sr. Network and Systems Administrator
Williams College
(413) 597-3408 (office)
(413) 822-2922 (cell)
OIT will NEVER ask for your password!





Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel
Previous By Date Next
Previous By Thread Next

Current thread: