[c-nsp] Netflow/NBAR (was: 6500 under DDoS)
Fredrik.Jacobsson at enskilda.se
Fredrik.Jacobsson at enskilda.se
Thu Jul 29 03:47:49 EDT 2004
>Have a look at http://www.ntop.org, runs on Windows and most *NIX, can
>use a mirrored port or netflow as datasource and should give the
>information you want. For netflow, Flow-tools at
>http://www.splintered.net/sw/flow-tools/ is the bomb, the page has some
>good links with examples and addon programs.
Thanks.
Does anyone have a system where ppl can testdrive ntop or similar tools,
to help decide which one to go for? Screendumps are fine, but interacting
with the tool is far much better..
Best regards
/Fredrik
**********************************************************************************************************************
Confidentiality Notice
The content of this e-mail, including attachments, is intended for the confidential use of the individual(s) or entity(-ies) to whom it is addressed only and may contain personal and/or confidential information. Please notify the sender immediately by returning this e-mail if you are not the intended recipient. If you are not the intended recipient, you are hereby notified that you have received this communication in error and that reading, duplicating, or in any way disseminating its content to any other person, is strictly prohibited.
If the content of this e-mail, including attachments, includes an offer to provide any service or product, an offer or a solicitation of an offer to buy or sell any securities or any other investment product, please refer to the disclaimer on www.enskilda.se, which applies also to the content of this e-mail. Any such transaction will also be subject to any other Terms of Business currently in place between us.
If you are a client of Enskilda Securities with access to Enskilda Research Online and this e-mail contains a research report or the content of this e-mail, including attachments, may be regarded as an advice in relation to companies or securities, please refer to the general and company specific disclaimers, respectively, on Enskilda Research Online.
**********************************************************************************************************************
More information about the cisco-nsp
mailing list