Security Basics mailing list archives

Re: Internet usage and monitoring

From: "Brian Loe" <knobdy () gmail com>
Date: Thu, 27 Sep 2007 13:13:24 -0500

On 9/27/07, Kurt Buff <kurt.buff () gmail com> wrote:

NTOP will indeed break out http(s) traffic, but will only give you the
top three talkers easily - it's a pain to drill down to find bandwidth
usage for other users, as it's really a tool for measuring bandwidth
utilization in the aggregate, more than it is for potocol analysis and
user monitoring. It just looks at packets going by.



For tracking http use, not bandwidth, I've relied on firewall logs.
With a good syslog implementation you can see the top 100 users pretty
easily as well as rate the most visited sites.

Current thread:

RE: Internet usage and monitoring, (continued)
- - RE: Internet usage and monitoring Serge Jorgensen (Sep 27)
- Re: Internet usage and monitoring p1g (Sep 27)
  - RE: Internet usage and monitoring Bhardwaj, Akash (Sep 27)
    - Re: Internet usage and monitoring gjgowey (Sep 27)
    - RE: Internet usage and monitoring Petter Bruland (Sep 27)
    - RE: Internet usage and monitoring Steven Jones (Sep 27)
    - RE: Internet usage and monitoring Zhihao (Sep 28)
- Re: Internet usage and monitoring Manuel García (Sep 27)
- Re: Internet usage and monitoring Rodney Green (Sep 27)
- Re: Internet usage and monitoring Kurt Buff (Sep 27)
  - Re: Internet usage and monitoring Brian Loe (Sep 27)
- Re: Internet usage and monitoring Steve Olive (Sep 27)
  - RE: Internet usage and monitoring Dan Lynch (Sep 28)
    - Re: Internet usage and monitoring gjgowey (Sep 28)
- RE: Internet usage and monitoring Trevor Greenfield (Sep 28)
  - RE: Internet usage and monitoring Steven Bartshe (Sep 28)
- Re: Internet usage and monitoring Mark C Carollo (Sep 28)