RE: [fw-wiz] Statistics for Firewalls

From: Joe Matusiewicz (joem@nist.gov)
Date: 09/11/02


To: John Adams <jna-dated-1032202478.26c83c@retina.net>, Joe Matusiewicz <joem@nist.gov>
From: Joe Matusiewicz <joem@nist.gov>
Date: Wed Sep 11 15:41:16 2002

At 02:54 PM 9/11/02, John Adams wrote:

>I had similiar problems with ntop. What I usually do is to filter out of
>the traffic I deem useless with a tcpdump expression.
>
>For example, do you really need to know every DNS connection? Hell no,
>filter that. Filter NNTP. Filter all SMTP that isn't bound for your main
>mail server. Filter out NetBIOS.

Actually, that wasn't an option. At the time I was most interested in
bandwidth usage to decide on whether to get a bigger pipe. I needed to see
the whole picture.

-- Joe



Relevant Pages

  • RE: [fw-wiz] Statistics for Firewalls
    ... >>I had similiar problems with ntop. ... >>filter that. ... Fiber line / Shine, Enlight the Globe / In Light, communicate / Connect. ...
    (Firewall-Wizards)
  • RE: Network Traffic Monitor
    ... You then use ntop to monitor for things you ... Running ntop with the filter: ... to facilitate one-on-one interaction with one of our expert instructors. ...
    (Security-Basics)
  • RE: [fw-wiz] Statistics for Firewalls
    ... > much until ntop was unusable. ... filter that. ... able to increase our network peformace by going after people who were ... using serious amounts of bandwidth and have some idea of what the general ...
    (Firewall-Wizards)