|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] setting up a network tap
|
On Wed, Dec 17, 2008 at 9:17 AM, Chad V <csv@gamebox.net> wrote:
> If you look at the original e-mail I sent out, I was already planning
> on running wireshark & ntop on it. I was curious if anybody would run
> anything else that might provide some useful information about the
> network, traffic, users, applications, etc.
Guess I'd have PoF or use ntop's Web GUI to fingerprint hosts. Too bad
the FIOS router doesn't support flows, ntop's flow facility would work
well. Cheops-NG will let you map your network and see what services
are running internally. These are all pretty useful on a larger
internal network.
Dsniff is going to have tools for targeting specific items; e.g.
URLsnarf to list what URLs users are hitting, mailsnarf for SMTP. In
your shoes I would have it in writing from someone at the company that
they understand that you are going to be looking at sensitive traffic
that may be confidential or embarrassing.
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|