Hi,

You can do this with netmon, as it actually does support several different
command line options at launch.

Check out KB Article Q158744 or the Network Monitor help files that come
with Systems Management Server. (The netmon help files don't seem to
document this feature.)

-Bill

-----Original Message-----
From: H C [mailto:keydet89YAHOO.COM]
Sent: Friday, April 27, 2001 7:43 AM
To: FOCUS-MSSECURITYFOCUS.COM
Subject: Re: Batch Netmon?

Here's what I would recommend. Install snort, and
then the Resource Kit utility 'soon.exe' (is there a
'now.exe'?). When you suspect something is going on,
you can submit an AT command to the system to run a
batch file for snort w/ the correct command line
switches (so you won't have to memorize them).

Carv

--- "Wangler, Dan" <dwanglerTI.COM> wrote:
> Listeners
>
> I am trying to find a way to turn packet sniffing on
> from an NT and/or W2K
> Server whenever I think something suspicious may be
> happening, be it
> intruder or misuse. I have a service running that
> monitors certain
> activity. Since netmon is distributed with NT and
> W2K servers, is there a
> way to turn on netmon and direct the output to a
> file without bringing up
> the GUI? I do not want to have to install another
> package is it is not
> necessary.
>
> Thanks
>
> Dan Wangler
> Security Engineering and Development
> IT Security Team
> Texas Instruments, Inc.
>

__________________________________________________
Do You Yahoo!?
Yahoo! Auctions - buy the things you want at great prices
http://auctions.yahoo.com/

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]