Johan wrote regarding 'Re: [SLE] monitor lan traffic' on Thu, Aug 19 at 09:53:
On Thursday 19 August 2004 16:36, Danny Sauer wrote:
Jack wrote regarding '[SLE] monitor lan traffic' on Thu, Aug 19 at 09:11:
Can someone tell what I need to have installed on a SUSE Linux machine so that I can maybe monitor and analyze some of the traffic on my network. [...]
Ethereal is the be-all end-all sniffer, IMHO. It'll let you capture and later analyze traffic, but it's tough to use for real-time monitoring. Etherape is pretty decent for watching what's going on in real-time, but isn't so good for later analysis. If you have SNMP daemons running on most of your machines, mrtg or rrdtool+cacti are nice solutions for graphing the traffic on a per-machine basis, and monitoring lots of other stuff over longer periods of time. [...]
ntop should be considered too.
Johan
I've had bad luck with running ntop for any extended period of time on a busy network. Even on small networks, it seems to really grind down if you're storing a history and using the web interface. It's cool for a short term, or if you shut the history thing off and don't use the web interface though. :) I guess nmap oughtta be in there, too, as well as things like nessus and saint.
--Danny