A Few Questions related to Network Administration and Traffic Analysis

Mike Klinke lsomike at futzin.com
Mon Mar 7 13:39:55 UTC 2005


On Monday 07 March 2005 03:27, Rebel wrote:
> I have a few questions for the traffic analysis and
> network administration. I know there are a lot of
> system admins here and someone can shed some light on
> these for sure.
>
> I have a router, cable dsl and 3 machines connected in
> the intranet via wireless cards and 1 via ethernet via
> router. I have the following questions. One is the
> Linux box and others are windows boxes running XP
>
> 1. From the linux box, if I try to run nmap I can see
> open ports of all other machines which is fine. Is
> there any other tool for port scanning and seeing what
> services/programs are running on these windows boxes.
>
> 2. Let's say I want to administer packets at the router
> level and want to see which packet is going to which
> machine (both to and fro), what tools/tips and
> techniques are recommended for the same.
>
> Thanks a Lot,
> Regards,
> Rebel
>

iptraf, ethereal, tcpdump are all good packet capture applications. 
Snort ( www.snort.org ), an intrusion detection application, makes 
very good guesses about what's running on other machines and 
another, named Nessus ( www.nessus.org ) is rather informative too.  
Ntop ( http://www.ntop.org/ntop.html ) will show you a fancy 
breakdown of your network traffic by machine/protocol/application 
etc.

Regards, Mike Klinke




