Security Basics mailing list archives
Re: Internet usage and monitoring
From: "Brian Loe" <knobdy () gmail com>
Date: Thu, 27 Sep 2007 13:13:24 -0500
On 9/27/07, Kurt Buff <kurt.buff () gmail com> wrote:
NTOP will indeed break out http(s) traffic, but will only give you the top three talkers easily - it's a pain to drill down to find bandwidth usage for other users, as it's really a tool for measuring bandwidth utilization in the aggregate, more than it is for potocol analysis and user monitoring. It just looks at packets going by.
For tracking http use, not bandwidth, I've relied on firewall logs. With a good syslog implementation you can see the top 100 users pretty easily as well as rate the most visited sites.
Current thread:
- RE: Internet usage and monitoring, (continued)
- RE: Internet usage and monitoring Serge Jorgensen (Sep 27)
- Re: Internet usage and monitoring p1g (Sep 27)
- RE: Internet usage and monitoring Bhardwaj, Akash (Sep 27)
- Re: Internet usage and monitoring gjgowey (Sep 27)
- RE: Internet usage and monitoring Petter Bruland (Sep 27)
- RE: Internet usage and monitoring Steven Jones (Sep 27)
- RE: Internet usage and monitoring Zhihao (Sep 28)
- RE: Internet usage and monitoring Bhardwaj, Akash (Sep 27)
- Re: Internet usage and monitoring Brian Loe (Sep 27)
- RE: Internet usage and monitoring Dan Lynch (Sep 28)
- Re: Internet usage and monitoring gjgowey (Sep 28)
- RE: Internet usage and monitoring Steven Bartshe (Sep 28)