On Nov 25, 2006, at 6:17 AM, Jason Chambers wrote:
You might also look at "softflowd" [1] or similar tool to export
netflow records from whatever box you're using TCPDUMP to capture data.
Of course exporting flow records from routers is preferable..
--Jason
On Nov 22, 2006, at 7:34 AM, Stefan Hegger wrote:
Hi,
I wonder if someone knows a tool to use a tcpdump output for anomaly
detection. It is sometimes really time consuming when looking for
identical patterns in the tcpdump output.
SiLK is a powerful toolset for analyzing netflow and pcap
On Dec 15, 2005, at 06:54, Rossi, Jeremy wrote:
Have you looked at OpenBSD with pf? You can create rules that map
outbound sessions to a different DSL router, interface, and/or gateway based on
any number of rules. The man page pf.conf[1] and more precisely the
FreeBSD with IPF \ IPNAT [1]
On Sep 26, 2005, at 11:37, Drew Weaver wrote:
We're looking for a method of actively monitoring certain
metrics on our network via software or a somewhat inexpensive hardware
solution (those metrics being which AS numbers are the highest
destinations for our network) and information li
On Aug 10, 2005, at 05:53, [EMAIL PROTECTED] wrote:
Also, what about DoD Orange Book certification? Can this kind of
testing methodology be applied to routing systems as well, such as
IOS?
I don't claim to fully understand Orange Book but it seems to
me that one of the essences of Open Sour