Q: Network analyzing & collecting tools?

Question

Dutchie64    676

Hi all,

Apologies if this has a thread somewhere....

I would like to know what people are using for network analysis, free/OSS or paid solutions.
And by analysis I mean a more or less simple way to collect data about:
- All computers on the network,
- The OS and applications installations/versions
- Network traffic/port use

So a 'security risk' based check of the hardware and software running, so you can plan some security hardening on your systems.

I know about applications like Wireshark for network traffic checks, but would like to know if there are applications out there that can collect a lot of data at once.
There are quite a few apps out there, but it's interesting to see what people are actually using for this.

Cheers for any tips, links etc.

rob


5 answers to this question

+BudMan    3,551

It helps to understand what actual hardware you're working with. For your switches, for example: do they support SNMP, can they send flows? Do they support SPAN ports?

It's highly unlikely that all the things you mentioned can all be handled by the same tool.

sc302    1,745

Nagios can do a lot, so can Splunk, and even Graylog. Network teams use a specific set of software, desktop teams use a different set of software, systems teams might use a combination.

goretsky    1,065

Hello,

 

It sounds like you are looking for a device management solution, like ConnectWise, Kaseya, Microsoft Intune, SolarWinds, etc.

There are some enterprise security programs out there, usually marketed as endpoint anti-malware or endpoint detection and response (EDR), that do this as well.

Regards,

Aryeh Goretsky

Dutchie64    676

Cheers all!

What about the KomodoLabs tools, Slitheris & Newt? Does anyone have experience with these tools? Or are these too 'lightweight'?

But thanks for all the tips! Will investigate further on this :)
And I don't mind using several tools, as long as some of the data will come out on top at some point.


@goretsky: Are you linked to ESET in some way? Just curious ;)

 

goretsky    1,065

Hello,

I'm one of the many researchers who work at ESET, @Dutchie64.

Regards,

 

Aryeh Goretsky
