[Snort-users] ntop

Florin Andrei florin at ...3506...
Tue Sep 25 17:25:06 EDT 2001


On Tue, 2001-09-25 at 15:25, Robert van der Meulen wrote:
> 
> 'ntop' is a network statistics gatherer:

Yes, that was my first impression too, but if you go to www.ntop.org
click on Docs and take a look at the second document from
Papers/Articles ( http://jake.unipi.it/~deri/ntop_IEEE.pdf.gz ) you will
see things like "portscan detection, spoofing detection, spy detection,
trojan horse detection, denial of service", etc.etc.

Like i said, i have a feeling that it's got only very superficial IDS
capabilities, but i cannot vouch for that since i don't have first hand
experience with ntop.

-- 
Florin Andrei

"Our mail system is
MS Exchange-Me-For-A-Real-Mailer-Please" - an unhappy sysadmin





More information about the Snort-users mailing list