Sniffing: SPAN port vs TAP
Sometimes the only way to do network monitoring and sniffing is to use SPAN ports on network devices. I think that SPAN is not all bad, but you must know its limitations to comply with your requirements. This article can explain a lot of things that for a lot of network administrators are an unexplored [...]
Documentation about Netflow
Here is some documentation about NetFlow (slides, papers, and how-tos):
The Ultimate Netflow Data Realtime Analysis
nProbe: an Open Source NetFlow Probe for Gigabit Networks
NetFlow Version 9
NetFlow: Information loss or win?
Netflow Tools NfSen and NFDUMP
Cisco NetFlow and NBAR
NetFlow @ DANTE
Traffic Monitoring with Netflow
Cisco CNS NetFlow Collection Engine Version
Scrutinizer & Firewalls
Bitmap Algorithms for Counting Active Flows on [...]
Papers about NetFlow applications
Properties and Prediction of Flow Statistics from Sampled Packet Streams
Nick Duffield, Carsten Lund, Mikkel Thorup, Proc. ACM SIGCOMM IMC, 2002. A detailed investigation of the effects of packet sampling on flow-based traffic accounting.
TCP Use and Performance on Internet2
Stanislav Shalunov, Benjamin Teitelbaum, ACM SIGCOMM IMW, 2001. See the pointer to the Abilene usage report page in [...]
Network monitoring with NetFlow at ESC07
This weekend I will be at the End Summer Camp, the end-of-summer computing event, where on Saturday 15 September I will give my talk titled "Network monitoring with NetFlow", which will tell the story of how to monitor medium/large computer networks using the NetFlow protocol, from what it is to which tools to use.
Netflow software list
Some lists of NetFlow-related software. Links:
Free NetFlow Tools
Freshmeat NetFlow
Introduction to NetFlow-based Security Monitoring
Beautiful slides from Lancope about NetFlow, a good introduction for newbies: Introduction to NetFlow-based Security Monitoring
Detecting DoS attacks with NetFlow
Using NetFlow makes it possible to do monitoring and accounting with minimal use of the devices' resources. During a DoS attack the number of flows exported by the network equipment increases dramatically, so it is a simple tool for detecting them. (Simple, but not at all user-friendly.) Although I still believe that the best way to report [...]
Stager
In the end, after various products and tests, I chose Stager as the tool for visualizing data coming from NetFlow.
"Stager is a system for aggregating and presenting network statistics.
Stager is generic and can be customized to present and process any kind
of network statistics. The backend collects data and stores reports in
a database, automatically handling the [...]
