psydT0ne Posted October 8, 2010

Hey

Hope you guys can help out. Lately I've been mucking about with network monitoring software without much luck. Hoping you guys can suggest some software... here's the specs:

- Windows based (I know...)
- open source or free
- close to enterprise grade stuff
- NOT OPENNMS
- NOT NETXMS

Any ideas...?

digip Posted October 8, 2010

Not sure what kind of monitoring you are after. Are you looking for something like an SNMP trap system to send you alerts, or just general traffic/packet monitoring? Have a look into Wireshark for packet sniffing and traffic analysis, and for the other end of free Windows tools, look at the Sysinternals stuff: http://technet.microsoft.com/en-us/sysinte...s/bb795532.aspx

Infiltrator Posted October 8, 2010

Since I am not sure what type of monitoring software you are after, you may be able to find what you are looking for on this website. It has a long list of network monitoring software; it's worth a look. http://www.slac.stanford.edu/xorg/nmtf/nmtf-tools.html

Trip Posted October 8, 2010

Is there a way to monitor outgoing packets and filter them for specific keywords, i.e. MSN / HTTP requests etc.? I know Wireshark is capable, but how would I configure it / set it up to monitor all outgoing traffic?

Infiltrator Posted October 8, 2010

> Is there a way to monitor outgoing packets and filter them for specific keywords, i.e. MSN / HTTP requests etc.? I know Wireshark is capable, but how would I configure it / set it up to monitor all outgoing traffic?

You pretty much answered your question, you will need to create a filter specifically for filtering HTTP traffic. http://wiki.wireshark.org/Hyper_Text_Transfer_Protocol

digip Posted October 8, 2010 (Edited October 8, 2010 by digip)

> You pretty much answered your question, you will need to create a filter specifically for filtering HTTP traffic. http://wiki.wireshark.org/Hyper_Text_Transfer_Protocol

Or whatever port MSN uses to chat on. Wireshark will capture everything. Just dump the traffic to a pcap file, and you can 1) sort through it in Wireshark later, filter, etc., or 2) import the pcap into other programs, like Cain for password scraping, etc. There are lots of tools for sorting packets by desired criteria, but if you take the time to learn Wireshark and even tshark, you can do the same within just Wireshark.

psydT0ne (Author) Posted October 9, 2010

Thanks for the help guys... I'm looking for something that would handle some network discovery as well as monitoring network health... i.e., if a server dies or similar I'd like to know about it long before ppl start calling in and whining etc. Packet filtering and sniffing not really high on the agenda...

digip Posted October 9, 2010

Maybe look into Insight Manager from HP. I think it integrates with various different server/vendor hardware and OS's, and centralizes monitoring of all machines added to its scope. I'm pretty sure that's what they had in the NOC where I used to work, but not 100% sure about the name.

Mr-Protocol Posted October 9, 2010

Snort

You can config it to log whatever you want to flag. Can even have it drop connections that are flagged.

digip Posted October 9, 2010

> Snort
>
> You can config it to log whatever you want to flag. Can even have it drop connections that are flagged.

I think he's not looking for firewall activity as much as hardware monitoring, if I am following him correctly, like Machine A is down, or low on disk space, CPU fully maxed out, bad HDD in server, etc.

Infiltrator Posted October 9, 2010

> Snort
>
> You can config it to log whatever you want to flag. Can even have it drop connections that are flagged.

I think you misread the OP's reply, he wants to be able to monitor servers and get a real-time notification when a service or server is about to die.

Mr-Protocol Posted October 9, 2010

Ah, my bad. There is software like that, you may want to look into more of an Auditing software.

psydT0ne (Author) Posted October 11, 2010

Thanks guys... I've gone for this so far: http://www.paessler.com/prtg/

I'm only monitoring about 5 key servers atm... and this should do nicely.

digip Posted October 11, 2010

I remember Darren covering some SNMP software a few seasons back. It was installed in a Linux VM and just required SNMP enabled on all devices you wanted to monitor and the authentication to access the network. I forget what it was called, but it was demoed on the show. This might have even been as far back as before Wess left the show if memory serves me correct, so it was quite a while back.

3TeK Posted October 11, 2010

Check this out... Windows based and free.

The Dude

hexophrenic Posted October 13, 2010

Cacti ( http://www.cacti.net )

Nagios ( http://www.nagios.org )

I used both on Linux, but I believe they can both run on Windows as well.