Hello David, >I'm not monitoring a specific device, the machine runnning MRTG is also an IDS >machine, and sits in a DMZ. Span's are set up on the switch to send all traffic to >this machine, so in essence, all I'm monitoring is the traffic on the ethernet port >on the MRTG machine. Hopefully that answers questions in advance!
>>With the RPC DCOM worm out there, we're looking to monitor traffic patterns for >>certian ports, specifically 135 and 139. I was wondering if someone could give me >>some pointers on how to create this graph in MRTG, or point me to some good >>documentation to do so. I poked around the MRTG site, but didn't really find >>anything helpful. Thanks a lot! If I understand you correctly, you're wanting to graph a counter of how many patterns your IDS saw. If your IDS counts this I would use MRTG's brother RRDTool to track this counter and graph it, as RRDTool is much better in tracking non-SNMP datasources than MRTG is. There are a lot of good tutorials at http://www.rrdtool.com/. If you are looking for a graphical frontend for RRDTool, I would recommend Cacti (http://www.raxnet.net/products/cacti/)! HTH, Michael Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/whatsup_forum%40list.ipswitch.com/
