Network Flow Analysis

✍ Scribed by Michael W. Lucas

Publisher: No Starch Press
Year: 2010
Tongue: English
Leaves: 228
Edition: 1
Category: Library

No coin nor oath required. For personal study only.

✦ Synopsis

You know that servers have log files and performance measuring tools and that traditional network devices have LEDs that blink when a port does something. You may have tools that tell you how busy an interface is, but mostly a network device is a black box. Network Flow Analysis opens that black box, demonstrating how to use industry-standard software and your existing hardware to assess, analyze, and debug your network. Unlike packet sniffers that require you to reproduce network problems in order to analyze them, flow analysis lets you turn back time as you analyze your network. You'll learn how to use open source software to build a flow-based network awareness system and how to use network analysis and auditing to address problems and improve network reliability. You'll also learn how to use a flow analysis system; collect flow records; view, filter, and report flows; present flow records graphically; and use flow records to proactively improve your network. Network Flow Analysis will show you how to: Identify network, server, router, and firewall problems before they become critical Find defective and misconfigured software Quickly find virus-spewing machines, even if they're on a different continent Determine whether your problem stems from the network or a server Automatically graph the most useful data And much more. Stop asking your users to reproduce problems. Network Flow Analysis gives you the tools and real-world examples you need to effectively analyze your network flow data. Now you can determine what the network problem is long before your customers report it, and you can make that silly phone stop ringing.

✦ Table of Contents

Brief Contents......Page 9
Contents in Detail......Page 11
Acknowledgments......Page 17
Introduction......Page 19
Network Management Tools......Page 21
Enough Griping: What's the Solution?......Page 23
Flows and This Book......Page 24
1: Flow Fundamentals......Page 27
What Is a Flow?......Page 28
Flow System Architecture......Page 29
The History of Network Flow......Page 30
Flows in the Real World......Page 32
Flow Export and Timeouts......Page 36
Packet-Sampled Flows......Page 37
Collector Considerations......Page 39
Sensor Considerations......Page 40
Implementing the Collector......Page 42
Installing Flow-tools......Page 43
Running flow-capture......Page 44
Collector Log Files......Page 46
Configuring Hardware Flow Sensors......Page 47
Configuring Software Flow Sensors......Page 50
The Sensor: softflowd......Page 52
Using flow-print......Page 59
Setting flow-print Formats with -f......Page 64
TCP Control Bits and Flow Records......Page 68
ICMP Types and Codes and Flow Records......Page 70
4: Filtering Flows......Page 75
Filter Fundamentals......Page 76
Useful Primitives......Page 79
Filter Match Statements......Page 88
Using Multiple Filters......Page 93
Logical Operators in Filter Definitions......Page 94
Filters and Variables......Page 96
5: Reporting and Follow-Up Analysis......Page 99
Default Report......Page 100
Modifying the Default Report......Page 103
Analyzing Individual Flows from Reports......Page 106
Other Report Customizations......Page 107
Useful Report Types......Page 110
Customizing Reports......Page 125
6: Perl, Flowscan, and Cflow.pm......Page 135
Installing Cflow.pm......Page 136
flowdumper and Full Flow Information......Page 137
FlowScan and CUFlow......Page 138
Installing FlowScan and CUFlow......Page 139
Flow Record Splitting and CUFlow......Page 148
Using Cflow.pm......Page 151
7: FlowViewer......Page 157
Installing FlowViewer......Page 158
Configuring FlowViewer......Page 159
Using FlowViewer......Page 164
FlowGrapher......Page 168
FlowTracker......Page 170
Interface Names and FlowViewer......Page 174
8: Ad Hoc Flow Visualization......Page 175
gnuplot 101......Page 176
Time-Series Example: Bandwidth......Page 178
Automating Graph Production......Page 191
Comparison Graphs......Page 193
NetFlow v9......Page 195
sFlow......Page 198
Problem Solving with Flow Data......Page 200
Afterword......Page 207
Index......Page 209

📜 SIMILAR VOLUMES

Network Flow Analysis

📁 Network Flow Analysis

📂 Library 📅 2010 🏛 No Starch 🌐 English

Network Flow Analysis

📁 Network Flow Analysis

✍ Lucas, Michael W. 📂 Library 📅 2010 🏛 No Starch Press 🌐 English

<p>Network flow analysis is the art of studying the traffic on a computer network. Understanding the ways to export flow and collect and analyze data separates good network administrators from great ones. The detailed instructions in <i>Network Flow Analysis</i> teach the busy network administrator

Network Flow Analysis

📁 Network Flow Analysis

✍ Michael W. Lucas 📂 Library 📅 2010 🌐 English

Network Flow Analysis

📁 Network Flow Analysis

✍ Michael W. Lucas 📂 Library 📅 2010 🌐 English

Network Flow Analysis

📁 Network Flow Analysis

✍ Michael Lucas 📂 Library 📅 2010 🏛 No Starch Press 🌐 English

A detailed and complete guide to exporting, collecting, analyzing, and understanding network flows to make managing networks easier. Network flow analysis is the art of studying the traffic on a computer network. Understanding the ways to export flow and collect and analyze data separates good netwo

Network Flow Analysis

📁 Network Flow Analysis

✍ Michael W. Lucas 📂 Library 📅 2010 🏛 No Starch Press 🌐 English

Unlike packet sniffers that require you to reproduce network problems in order to analyze them, flow analysis lets you turn back time as you analyze your network. You'll learn how to use open source software to build a flow-based network awareness system and how to use network analysis and auditing