Bill East on 17 Dec 2008 12:29:46 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] setting up a network tap

On Wed, Dec 17, 2008 at 9:17 AM, Chad V <> wrote:

> If you look at the original e-mail I sent out, I was already planning
> on running wireshark & ntop on it.  I was curious if anybody would run
> anything else that might provide some useful information about the
> network, traffic, users, applications, etc.

Guess I'd have PoF or use ntop's Web GUI to fingerprint hosts. Too bad
the FIOS router doesn't support flows, ntop's flow facility would work
well. Cheops-NG will let you map your network and see what services
are running internally. These are all pretty useful on a larger
internal network.

Dsniff is going to have tools for targeting specific items; e.g.
URLsnarf to list what URLs users are hitting, mailsnarf for SMTP. In
your shoes I would have it in writing from someone at the company that
they understand that you are going to be looking at sensitive traffic
that may be confidential or embarrassing.
Philadelphia Linux Users Group         --
Announcements -
General Discussion  --