October 7th, 2003 08:35 PM
MRTG for Intrusion Detection with IIS 6
I'm not sure about anyone else, but I've been using MRTG for years now. I've been monitoring bandwidth trends, CPU usage, Memory usage, etc.....
Now you can use it as your IDS
This article was found on here.
The Multi Router Traffic Grapher (MRTG) is a simple cross-platform tool that administrators have used for years to monitor network traffic loads. The concept is simple: it queries SNMP counters and creates HTML pages with live network graphs showing bytes coming in and bytes going out. MRTG can show much more than in and out traffic, it can graph any SNMP counter. Microsoft has a web site that demonstrates some of the many SNMP counters available on a Windows 2003 server.
I would still rather use snort or something similar.....
October 8th, 2003 04:18 AM
Hey, tekno, Thanks!
I had been looking for something that would help me examine certain data/traffic on my internal network. I had completely forgotten about MRTG as a possible solution, and your post pointed me right to it. It won't be as cool as a commercial tool, but I can set it up reasonably quickly and without cost. That's kind of important today. The new version has some nice capabilities. I'm interested in the potential with Win2003, too!
October 8th, 2003 05:26 AM
MRTG rules....I love it!!!
I don't use it as an IDS, but for it makes for a good network baseline.
also you might want to check out this link if you already haven't done so.
PM me if you need any help with MRTG or have any questions.
October 16th, 2003 12:28 PM
Thx tekno !
But I want to know if there's a way to merge MRTG into the IDS. eg.In an
IDS system,MRTG actes as a flow control sub-system. EMAIL me if you have other special idea.
October 16th, 2003 06:34 PM
MRTG is an awsome product...used by alot of corporations....
The IDS support is new to me though..I will look into it..