| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu Jul 28 16:18:52 2005 From: jason.heschel at gmail.com (Jason Heschel) Subject: Considering nSight, any opinions? Jon, Actually ntop is what we're trying to move off of. It's a great tool, but we needed more data and more flexibility. We looked at Q1Labs QRadar as well, but couldn't afford it. nSight appears to be somewhere in the middle. On 7/28/05, Jon Dossey <JDossey@...tahealthgroup.com> wrote: > > Hi list, > > > > I tried sending this to a SecurityFocus list but I think everyone's at > > Blackhat or something. :) > > > > We've spent the last few weeks evaluating nSight (www.intrusense.com). > > It's been very helpful in identifying exactly what, when and who is > > eatting up all of our internal network bandwdith as well expose some > > 'strange' internal network behavior which was causing some > > intermittent problems with our Windows hosts. Anyways, we're now > > considering making a purchase. > > > > I'm curious to hear any opinions, problems or praise people have for > > this software. Does it scale well? It seems to collect a lot of > > information. How does it perform after collecting several months worth > > of data? > > > > -jason > > I'm a big fan of NTOP (http://www.ntop.org) personally. > > Just span some ports on a core switch, setup your netflows, and watch > the fireworks. Great piece of software. Just need to remember the > PF_RING kernel patch if you're capturing a significant amount of > traffic. > > .jon > >
Powered by blists - more mailing lists