folk have asked me to summarize. so here it goes
"Justin M. Streiner" <[EMAIL PROTECTED]> and Nicolas Strina
<[EMAIL PROTECTED]> recommended the nfdump nfsen pair,
http://nfsen.sourceforge.net
http://nfdump.sourceforge.net
Chris Kuethe <[EMAIL PROTECTED]> and Peter Wohlers
<[EMAIL PROTECTED]> recommended ntop
http://www.ntop.org/
Peter Wohlers <[EMAIL PROTECTED]> also recommended Stager
http://software.uninett.no/stager/?page=docs
Steven Rakick <[EMAIL PROTECTED]> recommended nSight
http://www.obtuse.net/software/nsight
Tony Hacche <[EMAIL PROTECTED]> recommended Crannog's NetFlow
Tracker
http://www.crannog-software.com/index.php?go=Product.ShowDetail&ProductID=1
Jared Mauch <[EMAIL PROTECTED]> has a tool to detect and
highlight ddos symptoms, but it does not have per-protocol sexy
graphs. looks very useful for ddos detection, though
---
i am currently playing with nfdump/nfsen
randy