[Discussion] Features suggestion

• Previous message (by thread): [Discussion] Features suggestion
• Next message (by thread): [Discussion] Features suggestion
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Nov 07, 2008 at 13:22:11 -0500, Jason Lewis wrote:
> devices for the end goal of preventing network attacks?  Instead of
> building a tool that stores netflow, how about a tool that can control
> devices that already collect netflow and use that data in a smarter way?

I've been using IDS with IPaudit/IPaudit-web* with reasonable success in
tracking (potentially) compromised hosts. The graphs also give a quick
overview of host and traffic conditions (caught quite a few p2p users and
worm outbreaks with the graphs alone).

*http://ipaudit.sourceforge.net/ipaudit-web/

• Previous message (by thread): [Discussion] Features suggestion
• Next message (by thread): [Discussion] Features suggestion
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]