Snort mailing list archives
RE: Remotely monitor a switch port...
From: Chris Calaf <ccalaf () WBCM com>
Date: Tue, 24 Feb 2004 13:21:54 -0500
If your switches support netflows(cisco) http://www.caida.org/tools/utilities/flowscan/ <http://www.caida.org/tools/utilities/flowscan/> http://www.splintered.net/sw/flow-tools/ <http://www.splintered.net/sw/flow-tools/> _____ From: Ridlon, Michael [mailto:michael.ridlon () sfcc edu] Sent: Tuesday, February 24, 2004 10:59 AM To: JP Vossen Cc: Snort Users List Subject: Re: [Snort-users] Remotely monitor a switch port... I am currently using MRTG to log the overall throughput of 19 buildings. I haven't read anything that describes how MRTG can log protocol information. Can it? If not, do you know of a product that can WITHOUT using a mirrored port? Thanks, Mike On Mon, 2004-02-23 at 23:59, JP Vossen wrote:
From: "Ridlon, Michael" <michael.ridlon () sfcc edu> To: snort-users () lists sourceforge net Date: 23 Feb 2004 15:02:52 -0500 Subject: [Snort-users] Remotely monitor a switch port... I want to gather protocol information so I can graph usage percentages for all the protocols going through the port. Also Percent of traffic to local lan vs. to off-site. Can this be done with snort?
Maybe, but you'd probably be better off using MRTG: The Multi Router Traffic Grapher. <http://www.google.com/url?sa=U&start=1&q=http://people.ee.ethz.ch/~oetiker/ webtools/mrtg/&e=747> http://www.google.com/url?sa=U&start=1&q=http://people.ee.ethz.ch/~oetiker/w ebtools/mrtg/&e=747 Later, JP ------------------------------|:::======|-------------------------------- JP Vossen, CISSP |:::======| jp{at}jpsdomain{dot}org My Account, My Opinions |=========| <http://www.jpsdomain.org/> http://www.jpsdomain.org/ ------------------------------|=========|-------------------------------- You used to have to reboot the Windows 9.x series every couple of days because it would crash. Now you have to reboot Windows 200x or XP every couple of days because of a patch. How is that better or more stable?
Current thread:
- Remotely monitor a switch port... Ridlon, Michael (Feb 23)
- Re: Remotely monitor a switch port... Erek Adams (Feb 23)
- <Possible follow-ups>
- Re: Remotely monitor a switch port... JP Vossen (Feb 23)
- Re: Remotely monitor a switch port... Ridlon, Michael (Feb 24)
- Re: Remotely monitor a switch port... JP Vossen (Feb 24)
- Re: Remotely monitor a switch port... Ridlon, Michael (Feb 24)
- RE: Remotely monitor a switch port... Chris Calaf (Feb 24)