[22544] in North American Network Operators' Group
RE: Net Flows and Analysis tools
daemon@ATHENA.MIT.EDU (Barry Raveendran Greene)
Mon Jan 11 12:49:05 1999
Reply-To: <bgreene@cisco.com>
From: "Barry Raveendran Greene" <bgreene@cisco.com>
To: "Pete Kruckenberg" <pete@kruckenberg.com>, <nanog@merit.edu>
Date: Mon, 11 Jan 1999 09:31:13 -0800
In-Reply-To: <Pine.BSI.4.02.9901101730460.15031-100000@inquo.net>
Hello Alex,
Check out work on the following:
NLANR's work on real time flow analysis (links off of http://www.nlanr.net)
The IETF RTFM Work (overview at http://www.ietf.org with details at
http://www.auckland.ac.nz/net/Internet/rtfm/)
NeTraMet - A nice tools used by many ISPs
(http://www.auckland.ac.nz/net/Accounting/ntm.Release.note.html)
Barry
> -----Original Message-----
> From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of
> Pete Kruckenberg
> Sent: Monday, January 11, 1999 8:51 AM
> To: nanog@merit.edu
> Subject: Re: Net Flows and Analysis tools
>
>
> On Sun, 10 Jan 1999 alex@nac.net wrote:
>
> > I am looking for some real-time net flow and analysis tools.
> >
> > If anyone has any pointers, I'd appreciate it.
> >
> > Something like Cisco Netflow, but that doesn't require a Cisco Router
> > to capture (ie, a Unix box with promiscuous ethernets instead).
>
> One that seems to be pretty good is Network Flight Recorder (
> http://www.nfr.com ). This can run on an affordable Intel or Sparc box,
> and for internal private use, it's free (and somewhat limited in speed).
> There are also some (free) modules for it at loPht ( http://www.L0pht.com
> -- make sure you get L"zero"pht.com, or you'll get a nice surprise).
>
> NFR is a general-purpose platform for network analysis and reporting, but
> it seems that right now it is most well-known for security analysis and
> detection. The cool thing about it is that you can write your own modules
> (that's one of the intents of the samples at L0pht.com).
>
> Pete Kruckenberg
> http://pete.kruckenberg.com/resume
>
>
>
