Go have a look at OSSIM... ;o) It has EVERYTHING On Jan 9, 2008 3:54 PM, Kurt Buff <[EMAIL PROTECTED]> wrote:
> Another good tool for this kinda thing is ntop, but it must be > positioned correctly - you will most likely need a SPAN/mirror port in > your infrastructure, or else use the netflow or sflow plugins to get > reports from your routers/switches. > > Either way, it's extremely useful, as it doesn't merely measure > packets in/out of interfaces, it actually categorizes packets and > keeps track of top talkers, etc. > > Excellent for tracking down who is downloading that huge iso file, and > where it's coming from. Lets you ask more pointed questions, if > nothing else. > > Differentiates between tcp/udp/etc., and puts up some nice RRD graphics. > > Kurt > > On Jan 9, 2008 2:28 PM, Joe Heaton <[EMAIL PROTECTED]> wrote: > > > > > > > > > > > > I know we have these discussions every couple of months at least, but > here > > goes: > > > > > > > > What are you guys using to monitor your networks so that you have an > answer > > to the age-old user question of: > > > > > > > > "Why is everything running so slow?" > > > > > > > > I'm thinking of bandwidth usage first off, which I'm thinking PRTG to > > monitor that. > > > > > > > > I guess I could run a Wireshark capture, to see if there's a massive > spike > > in weird packets. > > > > > > > > > > > > Anything else that you guys could suggest? I know someone had mentioned > > they use Nagios, but that would require me to setup a Linux box first, > which > > isn't that big a deal, other than piecing a box together… > > > > > > > > Any other ideas? > > > > > > > > I'd like to do this without a lot of cost if possible, just because I > hate > > spending money… > > > > > > > > > > > > > > > > > > > > > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
