On Monday 07 March 2005 03:27, Rebel wrote:
I have a few questions for the traffic analysis and network administration. I know there are a lot of system admins here and someone can shed some light on these for sure.
I have a router, cable dsl and 3 machines connected in the intranet via wireless cards and 1 via ethernet via router. I have the following questions. One is the Linux box and others are windows boxes running XP
- From the linux box, if I try to run nmap I can see
open ports of all other machines which is fine. Is there any other tool for port scanning and seeing what services/programs are running on these windows boxes.
- Lets say I want to administer packets at the router
level and want to see which packet is going to which machine (both to and fro), what tools/tips and techniques are recommended for the same.
Thanks a Lot, Regards, Rebel
iptraf, ethereal, tcpdump are all good packet capture applications. Snort ( www.snort.org ), an intrusion detection application, make's very good guesses about what's running on other machines and another, named Nessus ( www.nessus.org ) is rather informative too. Ntop ( http://www.ntop.org/ntop.html ) will show you a fancy breakdown of your network traffic by machine/protocol/application etc.
Regards, Mike Klinke