[nsp] Netflow analysis tools
Paul Kohler
pkohler at cisco.com
Fri Jul 11 15:45:11 EDT 2003
Flow-tools & flowscan are excellent. There's also:
ntop
http://www.ntop.org/ntop.html
caida's cflowd
http://www.caida.org/tools/measurement/cflowd/
crannog (not freeware but lightweight Windows app)
http://www.crannog-software.com/
crannog demo
http://demo.mynetwatch.net
Paul
At 05:56 PM 7/9/2003, joshua sahala wrote:
>To: "Streiner, Justin" <streiner at stargate.net>, cisco-nsp at puck.nether.net
>Subject: Re: [nsp] Netflow analysis tools
>
>On Wednesday 09 July 2003 16:33, Streiner, Justin wrote:
> > For those of you who are using Netflow analysis tools for things
> > like traffic monitoring, capacity planning, and
> > identifying/tracking DoS attacks, what tools are you using?
> > Freeware tools are preferred at this point.
>[cut]
>
>i am playing with flow-tools
>(http://www.splintered.net/sw/flow-tools/) and flowscan
>(http://net.doit.wisc.edu/~plonka/FlowScan/) right now, and other
>than some operator errors, it looks pretty good.
>
>there are some great links and descriptions at
>http://www.switch.ch/tf-tant/floma/software.html - i know you were
>asking for real-world experiences....but you never know
>
>/joshua
>
>--
>What difference does it make to the dead, the orphans, and the
>homeless, whether the mad destruction is brought under the name of
>totalitarianism or the holy name of liberty and democracy?
>
> - Gandhi -
>
>
>_______________________________________________
>cisco-nsp mailing list cisco-nsp at puck.nether.net
>http://puck.nether.net/mailman/listinfo/cisco-nsp
>archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list