Firewall Wizards mailing list archives
Re: Open Source Port Tracking
From: "Marcus J. Ranum" <mjr () ranum com>
Date: Tue, 04 Feb 2003 19:39:11 -0500
At 09:40 AM 2/4/2003 -0500, Small, Jim wrote:
I've been trying ntop, but it doesn't track all ports. I know IPFilter has a count option, but it would be tedious to set up 65,535x2 rules for all TCP/UDP ports. Could someone recommend something else?
There's an ancient tool called nnstat that does what you're looking for; I don't know if it runs on newer UNIXes - it's kind of crufty but it's real good for producing network statistics based on packet level stuff. A lot of the concepts of the first version Network Flight Recorder were extensions and improvements on the ideas in nnstat. mjr. --- Marcus J. Ranum http://www.ranum.com Computer and Communications Security mjr () ranum com _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Open Source Port Tracking Small, Jim (Feb 04)
- Re: Open Source Port Tracking R. DuFresne (Feb 04)
- Re: Open Source Port Tracking Darren Reed (Feb 05)
- Re: Open Source Port Tracking Richard Gadsden (Feb 05)
- <Possible follow-ups>
- Re: Open Source Port Tracking Marcus J. Ranum (Feb 04)
- RE: Open Source Port Tracking Loomis, Rip (Feb 05)