Re: Sniffer and Network Analyzer - which one?

["Kurt Buff" <kurt.buff () gmail com>]

On 7/12/07, WALI <hkhasgiwale () gmail com> wrote:
> Hi
>
> Following on a related conversation I have been thinking to ask this query
> for
> quite a long time but kept delaying it, so here I am:
>
> Are the three Open Source products http://cacti.net/ , OpenNMS and NTOP
> catering to different needs?

Yes, although there is a good deal of overlap between Cacti and
OpenNMS, which are based on querying equipment for status, either via
SNMP or other means. NTOP just evaluates packets as they go by, and
counts/classifies them.

> A white paper published here: http://www.techsupportalert.com/r1525.htm
> doesn't even list any of these three on it's Top ten but they are most heard
> in the technical forums.

It also doesn't list JFFNMS, MRTG, NetDisco, SmokePing, Nagios and
several others. I'm more interested in NetDisco, NTOP, SmokePing and
[Nagios | Cacti] for monitoring, myself.

> Finally, within my LAN, that comprises of 10 subnet VLANs and spans across
> 10 floors, what would be the best way to incorporate any of these?

Without lots more information about your network, and what your goals
are, I'd hesitate to say much. However, I will say that while
placement is important but not critical for monitoring tools that
query targets (OpenNMS, MRTG, NetDisco, etc.), placement is absolutely
critical for passive monitoring tools such as NTOP or Wireshark, and
probably pretty damned important for something like SmokePing.

Kurt