RE: Network Traffic Monitor

From: JTH (jth_at_visi.com)
Date: 04/08/04

  • Next message: Brad Arlt: "Re: Email address spoof" 
    To: "'securityfocus'" <security-basics@securityfocus.com>
Date: Thu, 8 Apr 2004 10:34:22 -0500

    Incidentally, this question was posed on Slashdot today with a good amount
    of replies, over half of which are regarding Ethereal, but there are
    others in there as well.

    > -----Original Message-----
    > From: Eric Thirolle [mailto:edt1@duke.edu]
    > Sent: Wednesday, April 07, 2004 2:01 PM
    > To: Jason Haith; securityfocus
    > Subject: RE: Network Traffic Monitor
    >
    > There are many packet capture packages, like snort on Linux.
    > On Windows, there are some freeware options, like Ethereal or
    > AnalogX Packet Monitor. Of course, you would have to place
    > the Linux or Windows box somwehere to the outside of the
    > switches, with two NICs installed. You would get different IP
    > address info depending on whether you put it inside or
    > outside of the router, as the router is doing address translation.
    >
    > Alternatively, your may be able to monitor traffic on your
    > firewall or router. E.g., a Windows freeware app called
    > WallWatcher can monitor traffic on a Linksys router. Some are
    > monitorable via SNMP.
    >
    > Is that too basic? That just about exhausts my knowledge in this area.
    >
    > Eric
    >
    > -----Original Message-----
    > From: Jason Haith [mailto:jhaith@genesissys.com]
    > Sent: Wednesday, April 07, 2004 8:38 AM
    > To: securityfocus
    > Subject: Network Traffic Monitor
    >
    >
    > I'm curious if anyone knows of any software Windows or Linux
    > that can monitor all traffic going out of the network,
    > particularly any unusual traffic. I had a computer infected
    > with a mass mailing program that sent out enough traffic to
    > lock up my firewall the other day, which is also the firewall
    > for all our web/mail/app servers. Any ideas would be greatly
    > appreciated. Thanks in advance.
    >
    > Network Layout
    > T1's > Router > Firewall > Switches > All servers and PC's
    >
    >
    >
    >
    > Jason Haith
    > Systems Administrator
    > Genesis Systems
    > 5712 S. 77th St
    > Omaha, NE 68127
    > Email: jhaith@genesissys.com
    >
    >
    > --------------------------------------------------------------
    > -------------
    > Ethical Hacking at the InfoSec Institute. Mention this ad and
    > get $545 off any course! All of our class sizes are
    > guaranteed to be 10 students or less to facilitate one-on-one
    > interaction with one of our expert instructors.
    > Attend a course taught by an expert instructor with years of
    > in-the-field pen testing experience in our state of the art
    > hacking lab. Master the skills of an Ethical Hacker to better
    > assess the security of your organization.
    > Visit us at:
    > http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    > --------------------------------------------------------------
    > --------------
    >
    >
    >
    > ______________________________________________________________
    > __________
    > Delivered using the Free Personal Edition of Mailtraq
    > (www.mailtraq.com)
    >
    > --------------------------------------------------------------
    > -------------
    > Ethical Hacking at the InfoSec Institute. Mention this ad and
    > get $545 off any course! All of our class sizes are
    > guaranteed to be 10 students or less to facilitate one-on-one
    > interaction with one of our expert instructors.
    > Attend a course taught by an expert instructor with years of
    > in-the-field pen testing experience in our state of the art
    > hacking lab. Master the skills of an Ethical Hacker to better
    > assess the security of your organization.
    > Visit us at:
    > http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    > --------------------------------------------------------------
    > --------------
    >

    ---------------------------------------------------------------------------
    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
    any course! All of our class sizes are guaranteed to be 10 students or less
    to facilitate one-on-one interaction with one of our expert instructors.
    Attend a course taught by an expert instructor with years of in-the-field
    pen testing experience in our state of the art hacking lab. Master the skills
    of an Ethical Hacker to better assess the security of your organization.
    Visit us at:
    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    ----------------------------------------------------------------------------

  • Next message: Brad Arlt: "Re: Email address spoof"

    Relevant Pages

    • RE: Minimum password requirements
      ... say it risks decreasing security rather than improving it. ... > Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ...
      (Security-Basics)
    • RE: Minimum password requirements
      ... I'd say it risks decreasing security rather than ... >> Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ...
      (Security-Basics)
    • RE: Snort Help - Network IDS
      ... The tap would be the best method. ... > Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... of an Ethical Hacker to better assess the security of your organization. ...
      (Security-Basics)
    • RE: Minimum password requirements
      ... > say it risks decreasing security rather than improving it. ... >> Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ...
      (Security-Basics)
    • Windows SUS
      ... You can read the solution in paragraph Deploying the Automatic Updates Client on doc document here: ... > Ethical Hacking at the InfoSec Institute. ... > expert instructors. ... > Attend a course taught by an expert instructor with years of ...
      (Security-Basics)