[unisog] [REN-ISAC] Alert: DNS Smurfing

Peter Van Epp vanepp at sfu.ca
Tue Dec 14 20:04:39 GMT 2004


	A number of us here (me included :-)) use argus: 

http://www.qosient.com/argus

	Here is an article from some years ago about how I use it:

http://www.usenix.org/publications/login/2001-11/pdfs/epp.pdf

	The snort IDS system is another popular choice (www.snort.org).

Peter Van Epp / Operations and Technical Support 
Simon Fraser University, Burnaby, B.C. Canada

On Tue, Dec 14, 2004 at 02:22:06PM -0500, Mike.Radomski at itec.suny.edu wrote:
> Hello,
> I have seen many postings in the past about "seeing" traffic and intrusions 
> on networks.  I am wondering what tools everyone is using to analyze 
> traffic and detect intrusions, and more importantly anomalies?
> 
> Thanks!
> 
> -- 
> Mike Radomski 
> 
> SUNY - ITEC 
> Information Technology Exchange Center 
> Systems Programmer/Analyst 
> E-mail: Mike.Radomski at itec.suny.edu 
> Systems E-Mail: scsys at itec.suny.edu 
> Phone: (716)878-4832 
> Cellular: (716)807-4040 
> Fax: (716)878-3485 
> 
> There are only 10 types of people... 
> Those who understand binary and those who don't. 
> 