Jump to content

Network Monitoring Software

psydT0ne

By psydT0ne
in Everything Else

 Share

Recommended Posts

psydT0ne Newbie

psydT0ne

Posted
Posted

Hey

Hope you guys can help out.

Lately I've been mucking about with network monitoring software without much luck.

Hoping you guys can suggest some software...here's the specs

windows based (i know...)

open source or free

close to enterprise grade stuff

NOT OPENNMS

NOT NETXMS

any ideas...?

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted

Not sure what kind of monitoring you are after. Are you looking for something like an SNMP trap system to send you alerts or just general traffic/packet monitoring. Have a look into Wireshark for packet sniffing and traffic analysis and for the other end of free windows tools, look at the Sysinternals stuff: http://technet.microsoft.com/en-us/sysinte...s/bb795532.aspx

Link to comment
Share on other sites
Infiltrator Newbie

Infiltrator

Posted
Posted

Since I am not sure what type of monitoring software you are after.

You may be able to find what you are looking for in this website, it has a long list of network monitoring software, its worth a look.

http://www.slac.stanford.edu/xorg/nmtf/nmtf-tools.html

Link to comment
Share on other sites
Trip Newbie

Trip

Posted
Posted

is there a way to monitor out going packets ?

and filter them for specific keywords ie msn / http requests etc ?

i know wireshark is capable but how would i configure it / set it up to monitor all out going traffic

Link to comment
Share on other sites
Infiltrator Newbie

Infiltrator

Posted
Posted
is there a way to monitor out going packets ?

and filter them for specific keywords ie msn / http requests etc ?

i know wireshark is capable but how would i configure it / set it up to monitor all out going traffic

You pretty much answered your question,

you will need to create a filter specifically for filtering HTTP traffic.

http://wiki.wireshark.org/Hyper_Text_Transfer_Protocol

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted (edited)
You pretty much answered your question,

you will need to create a filter specifically for filtering HTTP traffic.

http://wiki.wireshark.org/Hyper_Text_Transfer_Protocol

Or whatever port MSN uses to chat on. Wireshark will capture everything. Just dump the traffic to a pcap file, and you can 1 sort through it in wireshark later, filter, etc, or 2, import the pcap into other programs, like cain for password scraping, etc. There are lots of tools for sorting packets by desired criteria, but if you take the time to learn wireshark and even tshark, you can do the same within just wireshark.

Edited by digip
Link to comment
Share on other sites
psydT0ne Newbie

psydT0ne

Posted
  • Author
Posted

thanks for the help guys...

i'm looking for something that would handle some network discovery as well as monitoring network health...ie, if a server dies or similar I'd like to know about it long before ppl start calling in and whinning etc.

packet filtering and sniffing not really high on the agenda...

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted

Maybe look into Insight Manager from HP. I think it integrates with various different server/vendor hardware and OS's, and centralizes monitoring of all machines added to its scope. I'm pretty sure thats what they had in the NOC where I used to work, but not 100% sure about the name.

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted
Snort

You can config it to log whatever you want to flag. Can even have it drop connections that are flagged.

I think hes not looking for firewall activity as much as hardware monitoring, if I am following him correctly, like Machine A is down, or low on disk space, CPU fully maxed out, bad HDD in server, etc.

Link to comment
Share on other sites
Infiltrator Newbie

Infiltrator

Posted
Posted
Snort

You can config it to log whatever you want to flag. Can even have it drop connections that are flagged.

I think you misread the OPs reply, he wants to be able to monitor servers and get a real-time notification when a service or server is about to die.

Link to comment
Share on other sites
digip Newbie

digip

Posted
Posted

I remember Darren covering some SNMP software a few seasons back. It was installed in a Linux VM and just required SNMP enabled on all devices you wanted to monitor and the authentication to access the network. I forget what it was called, but it was demoed on the show. This might have even been as far back as before Wess left the show if memory serves me correct, so it was quite a while back.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...