lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Fri Jul 29 16:49:47 2005
From: dmaidlow at openspatial.com (Darrin Maidlow)
Subject: Considering nSight, any opinions?

Hi Jason,

Our company purchased nSight v1 last fall and have been using ever since.
We're also running a beta version (http://www.intrusense.com/products/beta)
of their v2 product right now in tandem. It's quite an eye opening
experience when you really see what your employees are up to and how they
spend their time.

First of all the v2 product is MUCH easier to deploy. We had 2 collector
agents up in less than an hour and reporting data. v2 also appears to be
much faster. Network usage which would have taken 1-2 minutes to process are
now completed in 20-30 seconds.

One thing I wouldn't recommend is skimping on hardware. The last thing
you'll want is for the machine to start slowing down after you've collected
6+ months worth of network data. We use a standard HP DL380 with 1GB RAM and
have a total of 4 collector agents deployed. With 9 months worth of data I
haven't noticed any significant slow down.

All in all, nSight has been a very valuable component in our suite of
network/network security tools. I recommend it.

darrin
-----Original Message-----
From: full-disclosure-bounces@...ts.grok.org.uk
[mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Jason
Heschel
Sent: Thursday, July 28, 2005 11:07 AM
To: full-disclosure@...ts.grok.org.uk
Subject: [Full-disclosure] Considering nSight, any opinions?

Hi list,

I tried sending this to a SecurityFocus list but I think everyone's at
Blackhat or something. :)

We've spent the last few weeks evaluating nSight (www.intrusense.com).
It's been very helpful in identifying exactly what, when and who is eatting
up all of our internal network bandwdith as well expose some 'strange'
internal network behavior which was causing some intermittent problems with
our Windows hosts.  Anyways, we're now considering making a purchase.

I'm curious to hear any opinions, problems or praise people have for this
software. Does it scale well? It seems to collect a lot of information. How
does it perform after collecting several months worth of data?

-jason
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

--

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ