[gsferrari]

I want to monitor network traffic on a LAN and use a Knoppix PC as a sort of passive IDS. Doesnt send out any logs, alerts...nothing. Everything is processed on the local terminal.

Does anyone know what tools I might need and where I can find them?

Nessus scans, IP Traffic monitoring and patterning...tools along these lines?


Anyone else use knoppix for network analysis on the go? I ended up at a customer site and knoppix really saved the day considering that our monitoring and response solutions were still in the box...and things were going crazy on his network...

 

[rsabo]

I remember tooling around with Ethereal on my Dad's work network a couple times. Heh, that was fun...

 

[dino9832]

ethereal is the granddaddy of snooping tools.
Some other fun ones are:
etherape - graphical view of network traffic. Not useful in actual capture, but cool to watch.
driftnet - displays every picture that flows through the network.