Look at http://www.networkgenomics.net, this product does a sniffer type
look at your network and provides conversation views, from both ends. Also
traverses firewalls.
Dwight
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Austad, Jay
Sent: Wednesday, S
> Does anyone have a *GOOD* screenrc example config? I was VERY confused by
> the info file.
> (OT, I know, but...)
Here is one we find useful for monitoring the behavior of a firewall:
split
split
screen -t desktop 0 tcpdump -ni desktop not port 22
focus
screen -t external 1 tcpdump -ni extern
EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Wednesday, September 03, 2003 1:02 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: Distributed sniffer products
The cost benefit analysis on Ethereal/etc vs Sniffer on anything
but the smallest of networks is usually very
Have a look at http://www.isr.net/
Right side, are a bunch of links.
cheers,
-Bert
: Wednesday, September 03, 2003 2:50 PM
To: Austad, Jay; '[EMAIL PROTECTED]'
Subject: Re: Distributed sniffer products
Etherial and other libpcap tools work reasonably well, can be easily
deployed
using commodity hardware, and would cost you a lot less than NetAssoc.
Owen
--On Wednesday, S
I haven't had any problems using it without a screenrc.
screen -- Starts new session
screen -r -- resumes old session (won't steal session if active)
screen -r -d -- resumes old session and detaches it if necessary
Beyond that, I use ^A-D (detach) and a few other ^A commands, all of which
are pret
On Wed, 3 Sep 2003, Larry Rosenman wrote:
> --On Wednesday, September 03, 2003 15:22:55 -0400 ravi pina <[EMAIL PROTECTED]>
> wrote:
> > On Wed, Sep 03, 2003 at 12:05:06PM -0700, Luke Starrett said at one point
> > in time:
> >> SSH works, but it's sometimes nice to have a persistent session that
--On Wednesday, September 03, 2003 15:22:55 -0400 ravi pina <[EMAIL PROTECTED]>
wrote:
On Wed, Sep 03, 2003 at 12:05:06PM -0700, Luke Starrett said at one point
in time:
SSH works, but it's sometimes nice to have a persistent session that I
can pick back up later (or from a different PC).
Luke
--Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of Owen DeLong
> Sent: Wednesday, September 03, 2003 12:07 PM
> To: Luke Starrett; 'Austad, Jay'; [EMAIL PROTECTED]
> Subject: RE: Distributed sniffer products
>
>
>
> >&
On Wed, 3 Sep 2003, Luke Starrett wrote:
>
> > OK... I'll leave the XP thing al0wned.
>
> Understood... It was a quick (and dirty) solution.
>
> > As to the linux solution, why would you bother with VNC
> > rather than just ssh. Pull the libpcap file back to a local
> > desktop for analysi
On Wed, Sep 03, 2003 at 12:05:06PM -0700, Luke Starrett said at one point in time:
>
> SSH works, but it's sometimes nice to have a persistent session that I
> can pick back up later (or from a different PC).
>
> Luke
http://www.gnu.org/software/screen/
-r
OK... I'll leave the XP thing al0wned.
Understood... It was a quick (and dirty) solution.
How was that any quicker than the same thing running on Linux?
(hint: XP install time on P4/1.6Ghz/512MB -> ~2 hours
RH8.0 install time on same machine -> ~30 minutes)
As to the linux solution, why would y
> OK... I'll leave the XP thing al0wned.
Understood... It was a quick (and dirty) solution.
> As to the linux solution, why would you bother with VNC
> rather than just ssh. Pull the libpcap file back to a local
> desktop for analysis in
> ethereal.
SSH works, but it's sometimes nice to ha
OK... I'll leave the XP thing al0wned.
As to the linux solution, why would you bother with VNC rather than just
ssh. Pull the libpcap file back to a local desktop for analysis in
ethereal.
Owen
--On Wednesday, September 3, 2003 11:26 AM -0700 Luke Starrett
<[EMAIL PROTECTED]> wrote:
I took a
Etherial and other libpcap tools work reasonably well, can be easily
deployed
using commodity hardware, and would cost you a lot less than NetAssoc.
Owen
--On Wednesday, September 3, 2003 1:07 PM -0500 "Austad, Jay"
<[EMAIL PROTECTED]> wrote:
Anyone have any experience with these? I'm looking
I took a different approach and run a Windows XP machine with multiple
network cards to the segments that I regularly need to sniff. I use the
remote desktop feature to access the box. It has one NIC for regular
connectivity, and a couple others that are just used for sniffing.
Others are using
A little off topic, but nonetheless:
Have a look at Ethereal, an open source network analyzer similar in many
respects to Sniffer Pro. http://www.ethereal.com
For distributed sniffing / central analysis, you might want to try
IDABench, ISTS's pluggable framework for network packet analysis.
htt
On Wed, 3 Sep 2003, Austad, Jay wrote:
>
> Anyone have any experience with these? I'm looking for something similar to
> Network Associates Sniffer product.
>
> Are there any open source projects that are decent? What are others using?
we use bro and snort...
http://www.snort.org/
http://w
18 matches
Mail list logo