[clug] IP network traffic monitoring
Andrew Pollock
andrew-clug at andrew.net.au
Wed Sep 14 06:06:48 GMT 2005
On Wed, Sep 14, 2005 at 11:27:28AM +1000, Tony and Robyn Lewis wrote:
> I am a paranoid bunny. I want a tool that will sniff my internet-facing
> interface, and store "flow" information (source/dest IP/port, time,
> proto, packet/byte count). Does such a beast exist as a debian package,
> or any other package?
You'd be wanting Argus (argus-client, argus-server), maintained in Debian by
Yours Truly.
It includes something called ragraph, which I believe can create RRD style
graphs out of Argus data. Be prepared for a steepish learning curve, lots of
disk space, lots of time post-processing the logs, but it will tell you want
you want to know. In multiple ways. And if you run it wrong, with multiple
inconsistent sets of figures :-|
regards
Andrew
More information about the linux
mailing list