Re: [Nfsen-discuss] first steps / best-practice / examples
Netflow visualisation and investigation tool
Brought to you by:
phaag
Menu
▾
▴
Re: [Nfsen-discuss] first steps / best-practice / examples
|
From: Nikolaos M. <nm...@no...> - 2013-03-01 19:19:01
|
On 28/2/2013 8:55 μμ, Michael Markstaller wrote: > The ambition is to detect things like large-scale Portscans form > internal and external, internal Hosts doing "strange" things like > trying/sending many SMTP (despite legitimate Servers) out and whatever > one could imagine being unusual traffic. I had requested the same thing in the past, see threads: http://www.mail-archive.com/nfs...@li.../msg02502.html http://www.mail-archive.com/nfs...@li.../msg02535.html http://www.mail-archive.com/nfs...@li.../msg02497.html Development in this area would turn nfsen to a really (administrator's) life-saving application. I hope we shall see some advancement in this field in the near future. (It's up to Peter.) Nick |
