On Tuesday, August 28, 2012 02:35:25 AM Rafał Radecki wrote:
> Hi all.
>
> I currently have a task to implement a network traffic analyzer. Some years
> ago I used NTOP for that purpose; I would also like to test some
> alternatives.
> Which alternatives can you recommend and why?

As a package, either the Fedora-based NetworkSecurityToolkit (NST) or the
loosely-based-on-Ubuntu BackTrack are nice. NST has some very cool features, and
a web UI that allows some nice options.

NST runs best on a dedicated piece of hardware; slap a couple of GigE NICs
in a good box with dual procs, put one GigE on a SPAN port or a hardware tap,
install NST on it and configure to your liking. If you want prepackaged updates
that you don't have to build yourself, subscribe to the NSTPro service.

www.networksecuritytoolkit.org

I'm using it here, and coupled with the power and configurability of
Cisco's SPAN it works really well for troubleshooting. I'm using it
enough that I set up my own builder on Fedora 16, and have been building my own
updates out of NST's SVN, which has been interesting....