Re: network traffic logging tool ?

From: Laurentiu Nicula (lnicula@eeye.com)
Date: 02/07/02


From: "Laurentiu Nicula" <lnicula@eeye.com>
To: "Damon Sisola" <dsisola@osius.com>, <security-basics@securityfocus.com>
Date: Thu, 7 Feb 2002 09:56:02 -0800

If you are not looking only for free tools, you might want to try Iris from
eEye

Signed,
Laurentiu Nicula

http://eEye.com/Retina - Network Security Scanner
http://eEye.com/Iris/ - Network Traffic Analyzer
http://eeye.com/SecureIIS - Web Application Firewall

----- Original Message -----
From: "Damon Sisola" <dsisola@osius.com>
To: <security-basics@securityfocus.com>
Sent: Wednesday, February 06, 2002 10:06 AM
Subject: network traffic logging tool ?

>
>
> I'm looking for a promiscuous mode network monitor
> that can provide detailed protocol and
> source/destination logging similar to that which a
> firewall and reporting package can provide. This
> windows or Linux based network monitor will sit
> between our Internet router and the outbound NAT
> device and provide the following:
>
> - summary and detailed traffic reporting for
> TCP/UDP/ICMP and application level protocols such
> as HTTP, FTP, DNS, etc.
>
> - summary of traffic quantities between hosts.
>
> - logging for future reporting and analysis.
>
> I have used snort and tcpdump, but unless I am
> missing something, they cannot provide the detailed
> reporting that I am looking for.
>
> Thanks for any suggestions.
>
> Damon
>



Relevant Pages

  • Re: Parse using Text::CSV into Hash
    ... during network communication. ... The justification for hidden buffering is ... reporting that "something didn't work" (but I know neither ... matter if the file system API is used for high-level convenience. ...
    (comp.lang.perl.misc)
  • RE: network traffic logging tool ?
    ... Subject: network traffic logging tool? ... >firewall and reporting package can provide. ...
    (Security-Basics)
  • Re: THE EVENT not dead yet?
    ... I wasn't sure that a network would take a chance on The Event. ... Deadline is reporting that Syfy is currently in talks to bring The Event ... only this time as a miniseries. ... financial details to see if it would make sense to continue doing the show. ...
    (rec.arts.mystery)
  • Re: Summarizing data
    ... I need an individual report by customer, by their network & then ... Reporting sub 001 Summarized Billed amount ...
    (microsoft.public.access.reports)
  • Re: IRC-based Olympic Coverage
    ... home arrangement would scale to a company with a /8 network. ... - You don't know how a hardware firewall works, ... I would bring top notch filtering and reporting ... You better get back to the bean-counter books - basic math would be a good ...
    (comp.security.firewalls)