01-10-2008 04:28 PM - edited 03-11-2019 04:46 AM
I would like to ask my fellow security geeks out there to assist me in determining the types and amount of non-vpn traffic going from inside to to the internet. I don't have Net Flow, and I don't have time to put a sniffer on. Is there some type so cisco tool that can do this? Thank you
01-10-2008 05:27 PM
a sniffer is going to be the best way to do this. try wireshark (formerly known as ethereal).
i'm not sure how much time you think putting a sniffer on the network takes, but in the time it took you to compose your original post and read this, you could nearly have one up and running.
01-10-2008 06:23 PM
wireshark on windows? I don't think wireshark
can do the job especially if you're talking
capture about 20GB of data.
The best thing to do, IMHO, is to run
tcpdump on gentoo linux or FreeBSD and dump
it into a file. This will allow you to replay
the data later from the same linux system
via ethereal/wireshark from X-windows.
Wireshark is ok for simple task but if you
think about capturing a lot of data for
replay, tcpdump is the way to go.
CCIE security
01-10-2008 07:44 PM
in that case you may as well use openbsd.
where did you get 20gb from anyway?
01-10-2008 07:56 PM
in order to determine traffics type, you need
a lot of data. As a security guy, I would
think 20GB is not that much.
01-11-2008 09:19 AM
Guy's thank you for your prompt responses. I truly appreciate your help. Sniffers are great for looking that the different types of traffic but one of my requirements is bandwidth utilization for each protocol the sniffer would see.
I may be wishing upon a star because the tool that I need would visually display an overlay graph with bandwidth(s) displayed. Any ideas?
01-11-2008 09:53 AM
You need a device like a packeteer...
satya
01-11-2008 09:53 AM
ASDM 6 includes a dashboard which includes top sources/destination/services etc.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide