Thanks for the response.

However, netmon comes with NT and W2K servers. I was wanting to add a
little as possible to the baseline server.

Dan Wangler
Security Engineering and Development
IT Security Team
Texas Instruments, Inc.
Spring Creek Bldg 1, E190
6500 Chase Oaks Blvd
Plano, Texas, 75023
PH 972-927-8304, email dwanglerti.com

-----Original Message-----
From: H C [mailto:keydet89YAHOO.COM]
Sent: Friday, April 27, 2001 7:43 AM
To: FOCUS-MSSECURITYFOCUS.COM
Subject: Re: Batch Netmon?

Here's what I would recommend. Install snort, and
then the Resource Kit utility 'soon.exe' (is there a
'now.exe'?). When you suspect something is going on,
you can submit an AT command to the system to run a
batch file for snort w/ the correct command line
switches (so you won't have to memorize them).

Carv

--- "Wangler, Dan" <dwanglerTI.COM> wrote:
> Listeners
>
> I am trying to find a way to turn packet sniffing on
> from an NT and/or W2K
> Server whenever I think something suspicious may be
> happening, be it
> intruder or misuse. I have a service running that
> monitors certain
> activity. Since netmon is distributed with NT and
> W2K servers, is there a
> way to turn on netmon and direct the output to a
> file without bringing up
> the GUI? I do not want to have to install another
> package is it is not
> necessary.
>
> Thanks
>
> Dan Wangler
> Security Engineering and Development
> IT Security Team
> Texas Instruments, Inc.
>

__________________________________________________
Do You Yahoo!?
Yahoo! Auctions - buy the things you want at great prices
http://auctions.yahoo.com/

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]