[Snort-users] Basic snort setup for traffic analysis

Nanabhay Mohamed * Group (GP) MohamedN at ...7021...
Tue Oct 1 02:24:03 EDT 2002


>> I want to run snort on a network for about 5 days and then use snortsnarf
>> (or anything else someone can recommend) to analyse what sort of traffic
is
>> going through the network.

>[...snip...]

>You're using the wrong tool.  :)

>Use Ntop[0] or iptraf[1].  They should show you exactly what's going on.

Erm...I think I was a bit vague in what I meant by analysing traffic. What I
*really* need to do is analyse any attacks (if any)on the network over that
period of time... 

Sorry for the that. Any ideas?

Mohamed




More information about the Snort-users mailing list