[BBLISA] Pix Syslog Analyzer

Dean Anderson dean at av8.com
Tue Dec 12 18:00:51 EST 2006 

Why not put an old fashioned hub (not switch) between the pix and your
user switches, and sniff traffic for stats there?  (have people
forgotton ethernet hubs and vampire taps?, thicknet?, thinnet?)

Alternately, setup your ubuntu system with two interfaces bridging and
sniff packets as they go through...  You'll have to lookup bridging in
linux, though.  There are some truly evil things that can be done with a
linux system ethernet bridge (think ip tables on a bridge! yikes! debug
that...).

			--Dean

On Mon, 11 Dec 2006, Nathan Faust wrote:

> Thanks for the thought.
> 
> I would say that half the employees are on a managed switch, leaving the
> other half on a series of unmanaged switches.  I'm currently looking for
> one fully managed switch that I can put everyone on.
> 
> Nathan.
> -----------------------
> Nathan Faust
> Systems Administrator
> Merchant Warehouse
> Two International Place
> Fourth Floor
> Boston, MA  02110 
> Phone:  617.896.5558
> Fax:    617.854.8923
> http://www.merchantwarehouse.com/ 
> 
> 
> -----Original Message-----
> From: Steve Meuse [mailto:smeuse at mara.org] 
> Sent: Monday, December 11, 2006 4:54 PM
> To: Nathan Faust
> Cc: bblisa at bblisa.org
> Subject: Re: [BBLISA] Pix Syslog Analyzer
> 
> Nathan Faust expunged (nfaust at merchantwarehouse.com):
> 
> > Hi all,
> > 
> > I'm trying to find or build a simple program to run on my Ubuntu Linux
> 
> > server that takes the syslog files or SNMP info from my Cisco Pix 515e
> 
> > and gives me a bandwidth utilization of employees and the 
> > sites/services they are using.
> 
> Have you thought about SNMP polling the Ethernet switch ports the
> employees are connected to? If you already are using MRTG to monitor
> your router, just add the switch ports in. This, of course, assumes you
> are using a managed switch. If you are using an unmanaged switch you
> won't have this capability. 
> 
> 
> -Steve
> 
> 
> 
> _______________________________________________
> bblisa mailing list
> bblisa at bblisa.org
> http://www.bblisa.org/mailman/listinfo/bblisa
> 
> 

-- 
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 344 9000

More information about the bblisa mailing list