I'm a netadmin on a campus with about 5000 users. Being that Linux seems to be the way to go for network analysis tools, we've tested a variety of packages, including ethereal. However, so far as customization goes, I've found snort to be one of the best. With it, we can configure custom rules to sniff out just about any p2p client, trojan pattern, or any other network traffic inhibiter. Ethereal is good stuff, but for a monitoring station, snort got our vote.
Slashdot Mirror
I'm a netadmin on a campus with about 5000 users. Being that Linux seems to be the way to go for network analysis tools, we've tested a variety of packages, including ethereal. However, so far as customization goes, I've found snort to be one of the best. With it, we can configure custom rules to sniff out just about any p2p client, trojan pattern, or any other network traffic inhibiter. Ethereal is good stuff, but for a monitoring station, snort got our vote.