Post 302263605 by Linux Bot on Tuesday 2nd of December 2008 04:10:02 AM
Keeping an eye on your network with PasTmon

12-02-2008 02:00 AM
The PasTmon passive traffic monitor keeps an eye on your network, recording which clients are interacting with which services, when and how long things took. You can then use the application's PHP Web interface to investigate these figures to see if any host is connecting to Web services that it shouldn't, or is contacting services suspiciously more frequently than you would expect for normal operation, or when response times become excessively long.
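The three checks the post describes (a client using a service it shouldn't, unusually frequent contact, and excessively long response times), as an added example that is not part of the original post or PasTmon's own code. The record layout, policy table and thresholds are assumptions made for illustration.

```python
from collections import Counter, defaultdict
from statistics import median

# Constructed sample records: (client, server, port, start_epoch_s, response_ms).
# This layout is an assumption for the example, not PasTmon's own schema.
RECORDS = [
    ("10.0.0.5", "10.0.1.10", 80, 1000, 40),
    ("10.0.0.5", "10.0.1.10", 80, 1020, 45),
    ("10.0.0.6", "10.0.1.10", 80, 1030, 42),
    ("10.0.0.6", "10.0.1.10", 80, 1090, 900),   # slow response
    ("10.0.0.7", "10.0.1.20", 8080, 1100, 30),  # service not in policy
] + [("10.0.0.8", "10.0.1.10", 80, 1200 + i, 41) for i in range(12)]  # burst

# Hypothetical policy: the (server, port) services each client may use.
ALLOWED = {c: {("10.0.1.10", 80)} for c in ("10.0.0.5", "10.0.0.6", "10.0.0.8")}


def find_anomalies(records, allowed, window_s=60, max_per_window=5, slow_factor=5):
    """Return sorted (kind, client, (server, port)) findings."""
    findings = set()
    per_window = Counter()          # (client, service, window index) -> count
    by_service = defaultdict(list)  # service -> all observed response times

    for client, server, port, start, resp in records:
        service = (server, port)
        # Check 1: client talks to a service outside its policy.
        if service not in allowed.get(client, set()):
            findings.add(("unexpected-service", client, service))
        per_window[(client, service, start // window_s)] += 1
        by_service[service].append(resp)

    # Check 2: more contacts in one fixed window than expected. Fixed
    # (tumbling) windows can miss a burst that straddles a window boundary.
    for (client, service, _), count in per_window.items():
        if count > max_per_window:
            findings.add(("high-frequency", client, service))

    # Check 3: response far above the service's median. The median is used
    # so that one outlier does not raise its own threshold.
    for client, server, port, _, resp in records:
        times = by_service[(server, port)]
        if len(times) >= 3 and resp > slow_factor * median(times):
            findings.add(("slow-response", client, (server, port)))

    return sorted(findings)


if __name__ == "__main__":
    for finding in find_anomalies(RECORDS, ALLOWED):
        print(finding)
```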



PRADS-ASSET-REPORT(1)                networking                PRADS-ASSET-REPORT(1)

NAME
       prads-asset-report - PRADS Text Reporting Module

SYNOPSIS
       prads-asset-report -r /var/log/prads-asset.log -w /tmp/asset-report.txt

DESCRIPTION
       PRADS is a Passive Real-time Asset Detection System. PRADS passively
       listens to network traffic and gathers information on the hosts and
       services it sees on the network. This information can be used to map
       your network, letting you know which services and hosts are alive/used,
       or can be used together with your favorite IDS/IPS setup for "event to
       host/service" correlation. Gathering info about your hosts in real time
       will also let you detect assets that are connected to the network for
       only a short period of time, where an active network scan (nmap etc.)
       would take a long time and is not commonly run continually, hence
       missing the asset.

       prads-asset-report parses prads-asset.log and prints out some useful
       information about the hosts prads has managed to gather info about.

OPTIONS
       -r <file>  PRADS Raw Report File
       -w <file>  Output file
       -i <IP>    Just get info for this IP
       -n         Do not convert IP addresses to names.
       -p         Do not convert RFC 1918 IP addresses to names.

PROBLEMS
       1. Much more logic can be built into it!

SEE ALSO
       o PRADS <http://prads.projects.linpro.no/>
       o p0f <http://lcamtuf.coredump.cx/p0f.shtml>
       o PADS <http://passive.sourceforge.net/>

BUGS
       Report bugs here:
       o http://github.com/gamelinux/prads/issues

       For general questions:
       o http://projects.linpro.no/mailman/listinfo/prads-devel
       o http://projects.linpro.no/mailman/listinfo/prads-users

AUTHOR
       edwardfjellskaal@gmail.com

COPYRIGHT
       GPL

0.2                                2010-06-21                PRADS-ASSET-REPORT(1)