On Monday 07 March 2005 03:27, Rebel wrote: > I have a few questions for the traffic analysis and > network administration. I know there are a lot of > system admins here and someone can shed some light on > these for sure. > > I have a router, cable dsl and 3 machines connected in > the intranet via wireless cards and 1 via ethernet via > router. I have the following questions. One is the > Linux box and others are windows boxes running XP > > 1. From the linux box, if I try to run nmap I can see > open ports of all other machines which is fine. Is > there any other tool for port scanning and seeing what > services/programs are running on these windows boxes. > > 2. Lets say I want to administer packets at the router > level and want to see which packet is going to which > machine (both to and fro), what tools/tips and > techniques are recommended for the same. > > Thanks a Lot, > Regards, > Rebel > iptraf, ethereal, tcpdump are all good packet capture applications. Snort ( www.snort.org ), an intrusion detection application, make's very good guesses about what's running on other machines and another, named Nessus ( www.nessus.org ) is rather informative too. Ntop ( http://www.ntop.org/ntop.html ) will show you a fancy breakdown of your network traffic by machine/protocol/application etc. Regards, Mike Klinke
