Security Basics mailing list archives

RE: network audit


From: "Marendra Nutriaji" <rendi () itpro co id>
Date: Tue, 11 Mar 2003 09:10:44 +0700

Hi there

There is a basic but powerful tool for your purpose: tcpdump in Linux, or windump in a Windows environment.
It can capture all traffic, or just the customized traffic that you want to grab, and its output can be redirected to 
files as text files. Unfortunately, the output is not CSV (Comma Separated Values), so it's gonna be a little bit tricky 
to put it into a database. Well, it's a good tool though... :)) More details: http://windump.polito.it/default.htm

There is a more advanced tool that can be used for network intrusion detection as well, called Snort (maybe you've 
heard of it). It's free at http://www.snort.org 
It captures the traffic in log files in CSV format, so later if you wanna use it, just open it in Microsoft 
Excel or another spreadsheet program; it will adjust the view neatly.

Cheers

Marendra
 


-----Original Message-----
From: avi koren [mailto:avikoren () fastmail fm]
Sent: Sunday, March 09, 2003 11:46 PM
To: security-basics () securityfocus com
Subject: network audit


Hello,

I'd like to record network traffic for later analysis. I want to record
all the packets including their data.
I prefer logging it to a database, though files are welcome too. (That's
assuming I can later insert 'em into a database.)
Can anyone recommend a good product? (Commercial and non-commercial are
both welcome.)

thank you.
-- 
  avi koren
  avikoren () fastmail fm

-- 
http://www.fastmail.fm - Faster than the air-speed velocity of an
                          unladen european swallow
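
The reply above notes that tcpdump's text output is not CSV and is awkward to load into a database. The following is an added example, not part of either message: it parses text lines into CSV and SQLite rows, assuming the `tcpdump -tt -n` IPv4 TCP/UDP line shape shown in the comment. The function names, table name and sample lines are constructed for illustration, and the text output carries header summaries only, not packet data.

```python
import csv
import io
import re
import sqlite3

# Assumed line shape: "<epoch> IP <src>.<port> > <dst>.<port>: <summary>"
LINE_RE = re.compile(
    r"^(?P<ts>\d+\.\d+) IP "
    r"(?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+): (?P<summary>.*)$"
)
FIELDS = ("ts", "src", "sport", "dst", "dport", "summary")

# Constructed sample capture text, not real traffic.
SAMPLE = """\
1047348644.101000 IP 192.0.2.10.34567 > 198.51.100.5.80: Flags [S], seq 1000, win 5840, length 0
1047348644.200000 ARP, Request who-has 192.0.2.1 tell 192.0.2.10, length 28
1047348645.000000 IP 192.0.2.10.1025 > 192.0.2.53.53: 4660+ A? example.com. (29)
"""

def parse_lines(text):
    """Return (rows, skipped): parsed dicts, and non-empty lines that did not match."""
    rows, skipped = [], []
    for line in filter(None, map(str.strip, text.splitlines())):
        m = LINE_RE.match(line)
        if not m:
            skipped.append(line)  # keep unparsed lines (ARP, IPv6, ...) for review
            continue
        row = m.groupdict()
        row.update(ts=float(row["ts"]), sport=int(row["sport"]), dport=int(row["dport"]))
        rows.append(row)
    return rows, skipped

def to_csv(rows):
    """Serialise rows as CSV; the csv module quotes the commas inside summaries."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=FIELDS)
    writer.writeheader()
    writer.writerows(rows)
    return buf.getvalue()

def load_sqlite(rows, db_path=":memory:"):
    """Insert rows with bound parameters so packet-derived text never becomes SQL."""
    conn = sqlite3.connect(db_path)
    conn.execute("CREATE TABLE IF NOT EXISTS packets "
                 "(ts REAL, src TEXT, sport INTEGER, dst TEXT, dport INTEGER, summary TEXT)")
    conn.executemany("INSERT INTO packets VALUES (:ts, :src, :sport, :dst, :dport, :summary)", rows)
    conn.commit()
    return conn
```

Call `parse_lines()` on the saved text output, then `to_csv()` or `load_sqlite()` on the returned rows; review the skipped list rather than discarding it, since it shows which traffic the pattern does not cover.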

