2 interfaces on Linux
ipchains ACCEPT LOGGING
records src and dest, amount, type, date/time

1 interface Solaris
get data: snoop -o <output> -d <device>
report from data: snoop -i <output file> -tr -v >>file
records lots of stuff

-----Original Message-----
From: Damon Sisola [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 06, 2002 12:07 PM
To: [EMAIL PROTECTED]
Subject: network traffic logging tool ?

I'm looking for a promiscuous mode network monitor that can provide detailed protocol and source/destination logging similar to that which a firewall and reporting package can provide.

This Windows or Linux based network monitor will sit between our Internet router and the outbound NAT device and provide the following:

- summary and detailed traffic reporting for TCP/UDP/ICMP and application level protocols such as HTTP, FTP, DNS, etc.
- summary of traffic quantities between hosts.
- logging for future reporting and analysis.

I have used snort and tcpdump, but unless I am missing something, they cannot provide the detailed reporting that I am looking for.

Thanks for any suggestions.

Damon
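
An added example, not part of either message above: one way to turn the per-packet lines that ipchains logging writes to syslog into the per-host traffic summary the question asks for. The sample lines are constructed, following the `Packet log:` layout described in the IPCHAINS-HOWTO; the hostname `fw`, the addresses and the function names are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample syslog lines (ipchains "Packet log:" layout); the last
# line is unrelated kernel output that the parser must skip.
SAMPLE_LOG = """\
Feb  6 12:07:01 fw kernel: Packet log: output ACCEPT eth1 PROTO=6 10.0.0.5:1045 192.0.2.10:80 L=60 S=0x00 I=4321 F=0x4000 T=63 (#2)
Feb  6 12:07:02 fw kernel: Packet log: output ACCEPT eth1 PROTO=6 10.0.0.5:1045 192.0.2.10:80 L=1500 S=0x00 I=4322 F=0x4000 T=63 (#2)
Feb  6 12:07:03 fw kernel: Packet log: output ACCEPT eth1 PROTO=17 10.0.0.7:1030 192.0.2.53:53 L=71 S=0x00 I=77 F=0x0000 T=63 (#2)
Feb  6 12:07:04 fw kernel: Packet log: output ACCEPT eth1 PROTO=1 10.0.0.5:8 192.0.2.10:0 L=84 S=0x00 I=90 F=0x0000 T=63 (#2)
Feb  6 12:07:09 fw kernel: eth1: link up
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ kernel: Packet log: "
    r"(?P<chain>\S+) (?P<target>\S+) (?P<iface>\S+) PROTO=(?P<proto>\d+) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) (?P<dst>[\d.]+):(?P<dport>\d+) "
    r"L=(?P<length>\d+) "
)
PROTO_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}

def parse_line(line):
    """Return a dict for one logged packet, or None for any other line."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    rec = m.groupdict()
    for key in ("proto", "sport", "dport", "length"):
        rec[key] = int(rec[key])
    # For ICMP the two "port" fields carry the ICMP type and code.
    rec["proto_name"] = PROTO_NAMES.get(rec["proto"], str(rec["proto"]))
    return rec

def summarize(log_text):
    """Map (src, dst, protocol) -> (packets, bytes); also count skipped lines."""
    totals = defaultdict(lambda: [0, 0])
    skipped = 0
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            skipped += 1
            continue
        entry = totals[(rec["src"], rec["dst"], rec["proto_name"])]
        entry[0] += 1
        entry[1] += rec["length"]   # L= is the logged packet length
    return {k: tuple(v) for k, v in totals.items()}, skipped

if __name__ == "__main__":
    table, skipped = summarize(SAMPLE_LOG)
    for (src, dst, proto), (pkts, size) in sorted(table.items()):
        print(f"{src:>12} -> {dst:<12} {proto:<5} {pkts:>4} pkts {size:>7} bytes")
    print(f"{skipped} non-packet line(s) skipped")
```

Only packets that match a rule with logging enabled appear in syslog, so the totals cover exactly the traffic those rules select.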