[BlueOnyx:13185] Re: Monitoring tools

Michael Stauber mstauber at blueonyx.it
Wed Jun 5 18:30:56 -05 2013


Hi George,

> With the recent spate of DNS attacks, I've found some tools (one just
> today) that can prove very useful in observing and figuring out what's
> going on with DNS and other traffic.
> 
> 1.  iftop  - A very easy to use text-terminal program to watch various
> sorts of traffic to/from a network interface.  It has filters and options
> to narrow down the displayed info, plus a nifty integrated bar graph that
> shows relative amounts/speed of traffic to/from various connecting IPs.
> I'd not be without this one!
>    Info at: <http://en.wikipedia.org/wiki/Iftop>
>    Home page/code at: <http://www.ex-parrot.com/pdw/iftop/>
> 
> 2.  dnstop  - Another text-terminal program that watches and reports
> specifically DNS types of traffic/queries.
>    Info and pre-built RH/Centos RPMs at:
>    <http://dns.measurement-factory.com/tools/dnstop/index.html>
> 
> 3.  dns_flood_detector  - a daemon or bind-integrated alarm/analyzer
> for DNS flooding.  I've just learned of this one, and haven't had
> the chance yet to play around with it.
>     Info and code at:  <http://www.adotout.com/dnsflood.html>
> 
> I'd recommend these for consideration as Blue Quartz repository packages.

Yeah, from the descriptions that looks quite useful. With the new UI
libraries for displaying graphs and pie charts in the new BlueOnyx I'm
looking at new ways to gather and present useful statistics for various
things. I'll see what I can come up with.

So far I've also looked at this, which is interesting as well:

http://www.thegeekstuff.com/2011/03/sar-examples/

-- 
With best regards

Michael Stauber


