[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] NetFlow and Linux

Haha, found it! Have you looked at ntop/nprobe?




nProbe can act as a netflow generator (you would install it on your router),
and as a collector and analyser (it's synonymous with nfsen/nfdump). You can
install it in both modes on the same machine, or split it so that collection
and analysis is performed elsewhere.

It exports in the Netflow format, so you can use any analyzer you choose,
you're not bound to nProbe/ntop for collection.


On Thu, Dec 11, 2008 at 9:35 AM, Christoper Fowler <
cfowler at outpostsentinel.com> wrote:

> > We are using nfsen here. It works great. I'm still working on getting the
> reports formatted the way I want but that's just a matter of tweaking/post
> processing.
> >
> What Cisco hardware are you using.   I want to test NetFlow but
> all I have are Cisco 2900 and 3550XL switches.  I do not use
> Cisco for layer 3 anything.  Linux only there.
> My goal is to see ALL traffic on my network.  Even traffic passing
> between port 1 and port 5 of a 2900.
> Chris
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20081215/cd97a834/attachment.html