Re: Linux or Unix distribution for network sniffing



Can you clarify what your desired end result is ? Do you need to see every single packet on every single network segment, do you just care about traffic crossing the corporate boundary, do you want a permanent solution or something ad-hoc, do you know what volume of traffic you're expecting etc. ?

Depending on your answer, the best solution could be anything from a mirrored/SPAN port on each access switch all feeding into a giant bucket (all sized and monitored accordingly), to a dual-interface laptop running OpenBSD/linux/etc in bridge mode transparently recording traffic on a temporary basis.

It's worth giving it some thought - and depending on your answer (and your organisation, userbase etc), you may find you need to think about regulatory/legal requirements as well.


Nick Besant

On 22/06/10 10:12, Hristiyan Lazarov wrote:
Hello, I'm new to this mail list so lets first introduce myself - my
name is Hristiyan Lazarov and I'm currently working as an Enterprise
Security Specialist for a UK based company.

I'm looking to implement in our organisation *NIX based network
sniffer. Basically, I want to trace and record every single packet
that is coming to, or going out from my network.

We are working with sensitive information, that's why my employer want
me to record the traffic at least 1 month back. We have a proxy which
is dealing with our HTTP traffic but some
people are playing smart trying to use some anonymizers to access
restricted websites.

Any suggestions would be greatly appreciated.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------



------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------



Relevant Pages

  • Re: Network Monitoring Software
    ... It s perfect for network analysis. ... Securing Apache Web Server with thawte Digital Certificate ...
    (Security-Basics)
  • Re: What to buy?
    ... My job is now taking on the security responsibilityes for my network. ... Securing Apache Web Server with thawte Digital Certificate In this guide we ...
    (Security-Basics)
  • Re: Capturing network traffic and warning if its volume crosses a defined limit
    ... A network tap would work as well. ... Securing Apache Web Server with thawte Digital Certificate ...
    (Security-Basics)
  • Re: Secure Network | Requirements
    ... I have setup a network where the management has requested to block all ... So in this scenario i have one section who commonly bring data from ... Securing Apache Web Server with thawte Digital Certificate ...
    (Security-Basics)
  • Re: Secure Network | Requirements
    ... I have setup a network where the management has requested to block all ... So in this scenario i have one section who commonly bring data from ... Securing Apache Web Server with thawte Digital Certificate ...
    (Security-Basics)