Re: Network monitoring program.
Hi, > I need to monitor the network traffic from specific IP addresses. > I need to be able to deduce the applications that are running > that are generating the traffic. Unless you have full acess to the machine with that specific IP, you will never be able to do more than guessing what are the application generating the traffic: let say you are on a router smowhere on your network and you are interested by the traffic generated by some client accessing Internet, if you see traffic on TCP 80, maybe it i Internet Explorer, maybe Firefox, but it coul dalso be an anti-virus that uses port 80 to update the virus definition. And if you have very strict network usage policy on your network and you are blocking everything except port 80, it could even be Emule on top of port 80. Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Network monitoring program.
If you have the correct network setup available (network tap, hubs, SPAN/mirror port) then ntop will give you a good deal of help. On Jan 10, 2008 7:14 AM, Darryl Hoar <[EMAIL PROTECTED]> wrote: > Greetings, > I need to monitor the network traffic from specific IP addresses. > I need to be able to deduce the applications that are running > that are generating the traffic. > > What software in the ports collection will allow me to do this ? > > thanks, > Darryl > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
re :Network monitoring program.
if any of your network devices have NetFlow capability you could try IPFlow ( http://www.ipflow.utc.fr/index.php/Main_Page ) as a collector. There are binaries for FreeBSD and as a flow collector goes it is quite straightforward. It can also be hooked up with RRDTool. Phil ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Network monitoring program.
trafshow ... bye Norman Am Donnerstag, den 10.01.2008, 09:47 -0600 schrieb Eric Crist: > tcpdump and pump that through ethereal? > > > On Jan 10, 2008, at 9:14 AM, Darryl Hoar wrote: > > > Greetings, > > I need to monitor the network traffic from specific IP addresses. > > I need to be able to deduce the applications that are running > > that are generating the traffic. > > > > What software in the ports collection will allow me to do this ? > > > > thanks, > > Darryl > > ___ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to "[EMAIL PROTECTED] > > " > > - > Eric F Crist > Secure Computing Networks > > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Network monitoring program.
tcpdump and pump that through ethereal? On Jan 10, 2008, at 9:14 AM, Darryl Hoar wrote: Greetings, I need to monitor the network traffic from specific IP addresses. I need to be able to deduce the applications that are running that are generating the traffic. What software in the ports collection will allow me to do this ? thanks, Darryl ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED] " - Eric F Crist Secure Computing Networks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Network monitoring program.
Greetings, I need to monitor the network traffic from specific IP addresses. I need to be able to deduce the applications that are running that are generating the traffic. What software in the ports collection will allow me to do this ? thanks, Darryl ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
