Survey: Network Traffic Monitoring and analysis system

Yang Dong-min
20033327
likebands.postech.ac.kr
POSTECH Networking and Distributed Systems

Contents

- Categorization
- How to describe

1. AdventNet Web NMS (Commercial)
2. ActiveXperts (Commercial)
3. EtherPeek (Commercial)
4. LinkFerret (Commercial)
5. Alchemy Network Monitor (Commercial)
6. PagerEnterprise (Commercial)
7. BigSister (Free Software)
8. Analyzer (Free Software)
9. Ethereal (Free Software)
10. WinDump/TcpDump (Free Software)
11. NetProbe (Free Software)
12. Snuffle (Free Software)

Categorization

- Whether it supports NMP (Network Monitoring Platforms) or not
  - Monitoring Tools Integrated with NMP
  - Monitoring Tools, not integrated with an NMP
- Whether it is supported for free or not
  - Commercial Monitoring Tools
  - Public Domain Network Monitoring Tools

How to describe

A. Name, Company | Organization | Developer
B. Functionalities
C. Architecture
D. Platforms supported
E. User Interfaces supported
F. URLs
G. Important things

AdventNet Web NMS

A. AdventNet, WebNMS 4
B.
- Open standards-based architecture with support for TL1, SNMP, CORBA, CLI, RMI, XML, and TMF
- Proactive alarm/event management with customizable filtering/propagation and drill-down
- Event correlation and root cause analysis
- Multi-level thresholding and hysteresis
- Parameterized XML tasks for streamlining configuration and provisioning functions
- Powerful configuration management add/modify/delete with rollback capability, audit logs
- Fine-grained security with extensible access control and authorization with support for users, groups, roles, operations, and object views
- J2EE security model
- Business rules capability for dynamic control
- Customizable reporting
- XML mediation for management protocols such as SNMP/TL1/CORBA/TFTP/XML/CLI/Telnet
C.
D. Windows NT4/95/98/2000/XP, RedHat Linux 6.2/7.2, Solaris 2.6/2.7/2.8, HP-UX, IBM AIX
E.
- Displaying DSLAM Devices in a Map
- Chassis View of DSLAM Device
- Start NMS
- Configuring DSLAM Device Parameters
- Alerts from the DSLAM Device and Sub-components and Its Propagation
F. http:/

ActiveXperts

A. ActiveXperts Network Monitor 5.21, ActiveXperts
B.
1. Monitoring various application services
2. Monitoring various databases, like Oracle, MS SQL and any ODBC compliant databases
3. Monitoring networks, network protocols and network services
4. Write custom Monitor Functions using the standard VBScript scripting language
5. Monitor Rules are processed simultaneously by the multithreaded monitoring engine. By default, there are 16 threads to process Monitor Rules simultaneously
6. Monitoring engine is self-tuning; the number of threads adapts to the number of rules to be processed per minute
C. Engine (monitoring, notifying, triggering actions, recovery, logging) + Manager (viewing results, configuring)
D. Windows/Novell/UNIX/LINUX
E.
- To make changes to the configuration and view the monitoring results
- To enable operators to monitor and configure from their desktop
- Explorer-like user interface, with a Folder pane, a Monitor Rules pane and a Log pane
- User permission mechanism
F. http:/

EtherPeek

A. EtherPeek, WildPackets
B.
- Capturing packets
- Conversations view
- Name resolution
- Alarms
- Filters
- Global statistics
- Viewing decoded packets
- Viewing statistics with your web browser
C. NDIS 3 or higher
D. Windows 2000/XP
E.
F. http:/

LinkFerret

A. LinkFerret, BaseBand
B.
C.
- Ethernet and 802.11b network monitor and packet sniffer
- Wireless monitoring functionality, including signal monitoring, channel scanning, and WEP decryption
- Remote capturing functionality
- Supports a variety of standard trace file and report formats that make it easy to capture, store and share network traffic data
D.
- Windows 98/ME/2000/XP/NT 4.0 with Service Pack 4 or better installed
- IE ver. 5
E.
F. http:/

Alchemy Network Monitor

A. DEK, Alchemy Network Monitor
B.
- Alchemy Network Monitor monitors server functions using a variety of protocols and services: TCP/IP | ICMP | IPX/SPX | Oracle Server | MS SQL Server | Free disk space | NT Event Log | SQL query result | HTTP(S)/FTP URL | Any Database server | NT Service Status | External application execution | File existence monitoring | NetBIOS | SMTP/POP3 | RAS Server
- Custom VBScript programs
C.
D. Windows 9X, NT, 2000, XP, & 2003 Server Compatible
E.
F. http:/

PagerEnterprise

A. PagerEnterprise, AVTECH
B.
- To monitor systems, servers, log files, TCP/IP, SNMP MIBs, disks, syslogs, services, files, web pages, WMI, scheduled FTPs, devices, network connections, task objects, processes, directories and more
- To support mixed platform networks by polling various OS (Windows NT/2000/XP, Novell NetWare, UNIX, Linux and others)
- Information obtained from various system resources or log files allows PageR to alert staff or take corrective actions when needed
- To regularly check the system, server & network issues on a time interval specified by the manager during setup, typically every minute or a multiple of minutes
- To monitor across an unlimited number of systems or OS types, throughout the department or enterprise
C.
D. Windows NT4/XP/2000
E.
F. http:/

BigSister (Free software)

A. BigSister, BigSister
B.
- monitor networked systems
- provide a simple view of the current network status
- generate alarms on status changes
- generate a history of status changes
- interoperate with other BigSister or Big Brother instances or foreign network monitors (such as HP OpenView)
C.
D. Linux / Systems supporting Win32
E.
F. http:/

Analyzer (Free software)

A. Analyzer, http://analyzer.polito.it/ (Fulvio Risso, Gianluca Varenni)
B.
- It captures packets from the network.
- It displays them through a graphical interface.
- It uses the WinPcap library.
- Full IPv6 support
- Support for remote capture through the proper extensions to WinPcap. Please refer to WinPcap for the proper documentation for installing a remote capture server
- Potential cross-platform support, although the current release supports only Win32
- LAN node discovery, to see all the hosts that are on your LAN segment
- Network statistics
- Network monitor
- HTML support
- Event Logging capabilities
- NetPDL-based protocol definition: it has a new protocol decoding engine based on XML
C.
D. http://analyzer.polito.it/

Ethereal (Free software)

A. Ethereal, Ethereal
B.
- GUI
- Capture files can be programmatically edited or converted via command-line switches to the editcap program
- 393 protocols: 802.11 MGT, AAL1, AAL3_4, AARP, ACAP, AFP, AFS (RX), AH, AIM, AJP13, ANS, AODV, ARCNET, ARP/RARP, ASAP, ASF, ASP, ATM, ATM LANE, ATP, ATSVC
- Output can be saved or printed as plain text or PS
- Data display can be refined using a display filter
- Display filters can also be used to selectively highlight and color packet summary information
- All or part of each captured network trace can be saved to disk.
C.
D.
- SunOS, Linux, Windows 95/2000/XP
- NPF (Netgroup Packet Filter) device driver
E.
F. http://winpcap.polito.it/ http:/

WinDump/TcpDump (Free software)

A. TcpDump, http://www.tcpdump.org/ - Van Jacobson
B. Tcpdump prints out the headers of packets on a network interface that match the boolean expression.
C.
D.
- TcpDump: Linux/Unix
- WinDump: Windows 98/2000/XP
E.
- Tcpdump
- Windump
F. http://windump.polito.it/ http://www.tcpdump.org/

Net Probe (Free software)

A. NetProbe, ObjectPlanet
B.
C.
- Watch in real time which protocols are used on your network
- Watch in real time which hosts are active on your network and the Internet
- Watch in real time which conversations are taking place on your network and to and from the Internet
- Watch in real time detailed protocol statistics per host
- Watch in real time detailed protocol statistics per conversation
- Watch in real time network card details for your network
- Watch traffic amount over time for any host, conversation, and protocol
- Watch traffic amount of selected entries relative to the total and filtered traffic
- Filter out selected protocols, selected hosts, selected conversations, and selected network cards
- Sort network traffic by the amount of bytes or packets sent/received
- Export network traffic statistics data
- Password protection
- Configure users
D.
- Windows NT/2K/XP/2003/Linux/FreeBSD/Solaris/Mac OS X
- Java 1.1.8 runtime or later installed
- Network card with promiscuous mode capability
E.
F. http:/

Snuffle (Free software)

A. Snuffle, Berthold Rathke / Christian Hoene
B.
1. To observe protocol behavior directly inside the protocol instances of end systems (IPv4, TCP and UDP)
2. To observe the traffic resulting from a data communication between two mobile stations by a third station, because of the unstable wireless physical link, in a wireless environment
C.
D. Linux (i386, Kernel 2.2.10)
E. To control Snuffle remotely, they implemented a comfortable GUI, completely written in Java (JDK 1.1.7a or higher required).
F. http://www.tkn.tu-berlin.de/equipment/snuffle/intro.html