Flow apps
http://ehnt.sourceforge.net/ The purpose of EHNT (pronounced 'ent') is to get some useful information from NetFlow (version 5 only) without too much trouble. The typical EHNT user is a network administrator operating routers capable of exporting NetFlow packets. Platforms: GNU/Linux, Unix
http://flavio.sourceforge.net/ Flow Loader And Virtual Information Output (F.L.A.V.I.O.) is a data grapher for NetFlow. It gathers data from a NetFlow data exporting device, loads it into a MySQL database and can generate daily, weekly, monthly, and yearly charts. It shows traffic split by ports, statistics on total utilization, and generates 95th-percentile information suitable for billing in burstable services. Platforms: Linux, Unix
https://code.google.com/p/flowd/ flowd is a small, fast and secure NetFlow collector. Platforms: OpenBSD, Linux
http://www.caida.org/tools/utilities/flowscan/ FlowScan analyzes and reports on Internet Protocol (IP) flow data exported by routers. Platforms: GNU/Linux, Unix
http://www.splintered.net/sw/flow-tools/ (not found) flow-tools is a library and a collection of programs used to collect, send, process, and generate reports from NetFlow data. Platforms: Linux, Unix
http://fprobe.sourceforge.net/ fprobe is a NetFlow probe that collects network traffic data and emits it as NetFlow flows towards the specified collector. Platforms: Linux, Unix
http://lionet.info/ipcad/ IPCAD stands for IP Cisco Accounting Daemon. It runs in the background, listens to traffic on the specified interfaces, and records the traffic for later retrieval and analysis. IPCAD can use raw BPF devices, the PCAP library, divert, tee or Linux iptables' ULOG and IPQ packet sources to capture the packets. Platforms: Linux, Unix
https://github.com/CESNET/ipfixcol An extensible, open-source IPFIX collector that is actively being developed. IPFIXcol comes with a whole set of tools, including fbitdump, which is similar to nfdump but works on IPFIX data stored in FastBit format. Platforms: Linux, Unix
http://jnca.sourceforge.net/ JNCA (Java Netflow Collector and Analyzer) is a pure Java solution to IP network flow management based on NetFlow versions 1, 5, 7, 8, and the latest version 9. Platforms: Java
NetFlow Analyzer is a web-based bandwidth monitoring tool that collects NetFlow data exported from routing devices, and uses it to analyze network traffic and report on bandwidth usage across the network. Platforms: Windows 2000/XP, Linux
The NetUP NDSAD utility captures IP traffic from network interfaces and exports NetFlow v.5. Data is gathered through the libpcap library on Unix and WinPcap on Windows. You can also use tee/divert sockets on FreeBSD and ULOG on Linux as data sources. Platforms: Windows 2000/XP, Linux, Unix
NetFlow Monitor (NF) is a tool for processing and evaluating NetFlow exports from Cisco routers. Platforms: Linux, Unix
NEye (Network Eye) is NetFlow collector software for Unix systems that can receive flows from Cisco routers (but not only) and store them in ASCII (for raw grepping), in SQLite databases (for quick and dirty SELECTs) or in full-blown MySQL databases. Platforms: Linux, Unix
The nfdump project is a set of tools to collect and process NetFlow data. It's fast and has a powerful pcap-like filter syntax. nfdump supports NetFlow v5 and v7. nfdump 1.5 beta now supports NetFlow v9 as well as IPv6. Platforms: Linux, Unix
NfSen is a graphical web-based front end for the nfdump NetFlow tools. With NfSen, you can display your NetFlow data from many sources (flows, packets and bytes), easily navigate through the NetFlow data, process the NetFlow data within a specified time span, create history as well as continuous profiles, and write your own plug-ins to process and display NetFlow data at regular intervals. Platforms: Linux, Unix
The program nfstat is used to produce weekly human-readable reports from raw NetFlow v5 data produced by Cisco or Juniper routers (and others). The data is expected to be collected using the flow-tools package (nfstat understands flow-tools internal format). Platforms: Linux, Unix
http://www.ntop.org/products/nprobe/ An open-source software flow exporter and collector capable of both netflow and IPFIX. There's a usage fee. Perhaps nProbe can be used as an affordable software exporter. In collector mode, custom-made plugins can perform flow-based sensor logic. The source code has to be requested, which should not be an issue for research problems. When it comes to distributing self-made plugins to other parties, there might be some licensing issues.
ntop is a network traffic probe that shows the network usage, similar to what the popular top Unix command does. ntop is based on libpcap and has been written in a portable way in order to run on virtually every Unix platform and on Win32 as well. Platforms: Windows, GNU/Linux, Unix
PRTG Traffic Grapher is easy-to-use Windows software for monitoring bandwidth usage as well as various other network parameters like memory and CPU utilization. Platforms: Windows 98/ME/2000/XP/2003
pfflowd converts OpenBSD packet filter (PF) status messages (sent via the pfsync interface) to Cisco NetFlow datagrams. Platforms: Linux
Scrutinizer is a scalable NetFlow, IPFIX and sFlow reporting and threat detection solution. The solution runs on Windows, Linux and VMware. There is a free version that provides rich reporting and flexible filtering for up to five flow exporting devices. Platforms: Windows Vista/7/2008
SiLK, the System for Internet-Level Knowledge, is a collection of netflow tools developed by the CERT/NetSA (Network Situational Awareness) Team to facilitate security analysis in large networks. Platforms: Linux, Unix
Softflowd is a flow-based network traffic analyser capable of Cisco NetFlow data export. Platforms: Linux, Unix
Stager is a generic tool for storage, aggregation and presentation of network statistics. Stager consists of a web application for data presentation and a Perl back-end for data storage and aggregation. The current version of Stager includes backend modules to collect and aggregate data for NetFlow, MPing and SNMP. Platforms: Linux, Unix