[c-nsp] NETFLOW or Alternatives??
Olav Langeland
olav.langeland at active24.com
Tue Jan 4 03:47:20 EST 2005
> -----Original Message-----
> From: Roland Dobbins [mailto:rdobbins at cisco.com]
> Sent: 4. januar 2005 03:22
> To: <cisco-nsp at puck.nether.net> <cisco-nsp at puck.nether.net>
> Subject: Re: [c-nsp] NETFLOW or Alternatives??
>
> Actually, there are a number of open-source tools which you
> can use to
> get started on Linux or FreeBSD or what-have-you - see Robert
> Galloway's excellent NetFlow HOW-TO:
>
> http://www.linuxgeek.org/netflow-howto.php
>
> and take a look at Stager:
>
> http://stager.uninett.no/
>
> On Jan 3, 2005, at 6:13 PM, Vandy Hamidi wrote:
>
> > All,
> > I'm looking for a way to determine the type of traffic and
> the amounts
> > of each Flow (SIP, DIP, Sport, DPort).
> >
> > When my internet traffic or WAN traffic hits 99%, I want to
> be able to
> > identify the cause. Right now, it's a total uneducated guess.
> >
> > Requirements:
> > 1) Identify traffic flows
> > 2) Flow Kbps
> > 3) Preferably use a Windows Server for collection and reporting
> > 4) Prefer Trending
> > 5) Easy ramp up (trying to avoid needing to learn a whole no
> > discipline)
> >
> > I'm not very familiar with NetFlow, but it looks like it needs a
> > Solaris
> > Data Collector.
> >
> > Equipment will range from 6500, 4500, 3745, 7206, etc.
> > Thanks in advance,
> >
> > -=Vandy=-
Have a look at http://www.ntop.org/overview.html or
http://www.splintered.net/sw/flow-tools/ while you are at it.
regards, olav
More information about the cisco-nsp
mailing list