Posts Tagged ‘network monitoring’

Sniffing: SPAN port vs TAP

Sunday, December 2nd, 2007

Sometimes the only way to do network monitoring and sniffing is using SPAN ports on network devices.
I think that SPAN its not all bad but you must know that its limitations to be compliance with your requirements.
This article can explain a lot of things that for a lot of network administrators is a unexplored planet.

Documentation about Netflow

Friday, September 14th, 2007

Here is some documentation about NetFlow, slides, papers, and how to:

Papers about NetFlow applications

Thursday, September 13th, 2007
and Prediction of Flow Statistics from Sampled Packet Streams
Nick Duffield, Carsten Lund, Mikkel Thorup, Proc. ACM SIGCOMM
IMC, 2002. A detailed investigation of the effects of packet sampling
on flow-based traffic accounting.

TCP Use and Performance on Internet2
Stanislav Shalunov, Benjamin Teitelbaum, ACL SIGCOMM IMW, 2001.
See the pointer to the
Abilene usage report page in the projects section of these

Traffic analysis and infrastructure monitoring in CESNET2
Tom Kosnar, PAM 2001.
Flow-Based Traffic Analysis at SWITCH
Simon Leinen, PAM 2001 (poster).
Presentation and BOF
Dave Plonka, NANOG 21, 2001. Slide presentation and RealVideo
recording. Slides also available here.
FlowScan: A
Network Traffic Flow Reporting and Visualization Tool
by Dave Plonka, Usenix LISA 2000. Also available in full as HTML and PS,
as well as the slides
of the presentation.
Cisco NetFlow Exports with Relational Database Technology for Usage
Statistics, Intrusion Detection, and Network Forensics
by Bill Nickless, John-Paul Navarro, and Linda Winkler, Usenix
LISA 2000.

The OSU Flow-tools Package and CISCO NetFlow Logs
by Steve Romig, Mark Fullmer, and Ron Luman, Usenix LISA
Cisco Flow Logs and Intrusion Detection at the Ohio State University
by Steve Romig, Mark Fullmer, Suresh Ramachandran, Usenix
;login: vol.9, 1999. Describes the use of the OSU flow tools for Intrusion
traffic demands for operational IP networks: Methodology and
by Anja Feldmann, Albert Greenberg, Carsten Lund, Nick Reingold,
Jennifer Rexford, and Fred True, ACM TON, June 2001. Also available:
from a presentation to the ISMA workshop.

Monitoraggio di rete con NetFlow all’ESC07

Thursday, September 13th, 2007

Questo week end saro` presente all’End Summer Camp, l’evento informatico di chiusura estate, dove sabato 15 settembre terro` il mio talk intitolato "Monitoraggio di rete con NetFlow" che raccontera` la storiella di come monitorare reti di elaboratori medio/grandi utilizzando il protocollo NetFlow, da cosa e` a che strumenti utilizzare.

Netflow software list

Monday, May 21st, 2007

Some lists of NetFlow related software.