I'm looking for a promiscuous mode network monitor
that can provide detailed protocol and
source/destination logging similar to that which a
firewall and reporting package can provide. This
Windows- or Linux-based network monitor will sit
between our Internet router and the outbound NAT
device and provide the following:
- summary and detailed traffic reporting for
TCP/UDP/ICMP and application level protocols such
as HTTP, FTP, DNS, etc.
- summary of traffic quantities between hosts.
- logging for future reporting and analysis.
I have used snort and tcpdump, but unless I am
missing something, they cannot provide the detailed
reporting that I am looking for.
Thanks for any suggestions.
Damon