RE: Basic snort setup for traffic analysis

["Nanabhay Mohamed * Group (GP)" <MohamedN () Transnet co za>]

> > I want to run snort on a network for about 5 days and then use snortsnarf
> > (or anything else someone can recommend) to analyse what sort of traffic
is
> > going through the network.

> [...snip...]

> You're using the wrong tool.  :)

> Use Ntop[0] or iptraf[1].  They should show you exactly what's going on.

Erm...I think I was a bit vague in what I meant by analysing traffic. What I
*really* need to do is analyse any attacks (if any)on the network over that
period of time... 

Sorry for the that. Any ideas?

Mohamed


-------------------------------------------------------
This sf.net email is sponsored by: DEDICATED SERVERS only $89!
Linux or FreeBSD, FREE setup, FAST network. Get your own server 
today at http://www.ServePath.com/indexfm.htm
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users