 
            On Tuesday, August 28, 2012 02:35:25 AM RafaĆ Radecki wrote:
Hi all.
I have currently a task to implement a network traffic analyzer. Some years ago I've used NTOP for that purpose, I would also like to test some alternatives. Which alternatives can you recommend and why?
As a package, either the Fedora-based NetworkSecurityToolkit (NST) or the loosly-based-on-ubuntu BackTrack are nice. NST has some very cool features, and a web UI that allows some nice options.
NST runs best on a dedicated piece of hardware; slap a couple of GigE NIC's in a good box with dual procs, put one GigE on a SPAN port or a hardware tap, install NST on it and configure to your liking. If you want prepackaged updates that you don't have to built yourself, subscribe to the NSTPro service.
www.networksecuritytoolkit.org
I'm using it here, and coupled with the power and configurability of Cisco's SPAN it works really well for troubleshooting. I'm using it enough that I set up my own builder on Fedora 16, and have been building my own updates out of NST's SVN, which has been interesting....