| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20050728104023.A75285@ubzr.zsa.bet> Date: Thu Jul 28 16:43:44 2005 From: measl at mfn.org (J.A. Terranson) Subject: Considering nSight, any opinions? On Thu, 28 Jul 2005, Jason Heschel wrote: > Hi list, > > I tried sending this to a SecurityFocus list but I think everyone's at > Blackhat or something. :) > > We've spent the last few weeks evaluating nSight (www.intrusense.com). > It's been very helpful in identifying exactly what, when and who is > eatting up all of our internal network bandwdith as well expose some > 'strange' internal network behavior which was causing some > intermittent problems with our Windows hosts. Anyways, we're now > considering making a purchase. > > I'm curious to hear any opinions, problems or praise people have for > this software. Does it scale well? It seems to collect a lot of > information. How does it perform after collecting several months worth > of data? While I'm not familiar with this product itself, this sounds like a knockoff of the Arbor product - which I LOVE, but which even the worlds largest NSPs cringe at in terms of price. If you have rudimentary shell scripting skills with just a touch of C, you can easily roll your own using netflow records. Barring that, this class of software provides useful information and I recommend them (by class) as "must have's" to any medium or larger network. HTH, //Alif
Powered by blists - more mailing lists