Home page logo
/

basics logo Security Basics mailing list archives

Re: Network monitoring PC.
From: "Kurt Buff" <kurt.buff () gmail com>
Date: Fri, 2 Nov 2007 16:01:23 -0700

On 11/2/07, Nick Vaernhoej <nick.vaernhoej () capitalcardservices com> wrote:
Good afternoon,

I am looking for ideas for software ideal for installation on a PC which
will be used for monitoring our LAN/WAN.
The WAN is over a MPLS circuit so nothing out of the ordinary needed for
monitoring.
The PC will be plugged into a mirrored port when needed, so what I am
thinking is a Linux build with ntop, wireshark/tcpdump and what else?
I am not opposed to a Windows install at all.
Just looking for ideas.
Single workstation, mirrored port, only monitoring, not mitigating or
actively scanning.

Thank you and have a great weekend!

Nick Vaernhoej
"Quidquid latine dictum sit, altum sonatur."

This really depends on what set of things/conditions you're looking to monitor.

Bandwidth utilization/network health? ntop you've mentioned, but
smokeping also comes to mind, though that is not a packet monitoring
tool, per se, so doesn't need to sit on a span/mirror port.

What else are you looking to get out of it?

Intrusion detection? snort is useful


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]