Re: A Few Questions related to Network Administration and TrafficAnalysis
From: Matt Florido (matt_at_floridonet.com)
Date: 03/07/05
- Previous message: Sasa Stupar: "Re: Totem player issue"
- In reply to: Rebel: "A Few Questions related to Network Administration and Traffic Analysis"
- Next in thread: Scot L. Harris: "Re: A Few Questions related to Network Administration and TrafficAnalysis"
- Reply: Scot L. Harris: "Re: A Few Questions related to Network Administration and TrafficAnalysis"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Mon, 07 Mar 2005 06:56:13 -0800 (PST) To: fedora-list@redhat.com
On Mon, March 7, 2005 1:27 am, Rebel said:
[..]
>
> 2. Lets say I want to administer packets at the router
> level and want to see which packet is going to which
> machine (both to and fro), what tools/tips and
> techniques are recommended for the same.
>
Check into tcpdump and ethereal. These are essentially packet capture
programs, as is snort. You can add modules to the latter to make it an
IDS.
You want to make sure you're either on a promiscuous port on a switch, or
connected to a hub. The reason being, switches don't typically repeat
signals across all ports unless it has the ability to do so (higher end
switches). Hubs are simply signal repeaters which means nodes connected
to a hub sees packets/datagrams even though the destination is another
node.
-- Regards, Matt Florido -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
- Previous message: Sasa Stupar: "Re: Totem player issue"
- In reply to: Rebel: "A Few Questions related to Network Administration and Traffic Analysis"
- Next in thread: Scot L. Harris: "Re: A Few Questions related to Network Administration and TrafficAnalysis"
- Reply: Scot L. Harris: "Re: A Few Questions related to Network Administration and TrafficAnalysis"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
