Hi, Burak On 1 Feb 2012, at 14:27, Burak Dikici wrote:
> I am looking for the open source flow collector program which is able to use > in the ISP size. Specially i am expecting the functions from the flow > collector program which are ; > > - traffic analysis, network visibility and baselining > - detect network anomalies > - forensics and incident response I've used NFSEN to great effect for this purpose. http://nfsen.sourceforge.net/ It's really very good for spotting and removing abusive traffic (i.e. identifying compromised hosts/customers in the process of an attack), and performing traffic analysis so that you can better handle your customers' needs. One thing you have not mentioned in your brief that NFSEN is good for, is identifying networks that you exchange significant traffic with so that you can ask them for peering. Using netflow to help with abuse mitigation and improving your network decision making would make a great topic for a future MENOG meeting. Best wishes, Andy Davidson _______________________________________________ Menog mailing list [email protected] http://lists.menog.net/mailman/listinfo/menog
