Network Flow Analysis

by Michael W. Lucas

Paperback

$39.95

Overview

Unlike packet sniffers that require you to reproduce network problems in order to analyze them, flow analysis lets you turn back time as you analyze your network. You'll learn how to use open source software to build a flow-based network awareness system and how to use network analysis and auditing to address problems and improve network reliability. You'll also learn how to use a flow analysis system; collect flow records; view, filter, and report flows; present flow records graphically; and use flow records to proactively improve your network. Network Flow Analysis will show you how to:


  • Identify network, server, router, and firewall problems before they become critical
  • Find defective and misconfigured software
  • Quickly find virus-spewing machines, even if they're on a different continent
  • Determine whether your problem stems from the network or a server
  • Automatically graph the most useful data

And much more. Stop asking your users to reproduce problems. Network Flow Analysis gives you the tools and real-world examples you need to effectively analyze your network flow data. Now you can determine what the network problem is long before your customers report it, and you can make that silly phone stop ringing.

Product Details

ISBN-13: 9781593272036
Publisher: No Starch Press
Publication date: 07/30/2010
Pages: 224
Sales rank: 1,217,309
Product dimensions: 6.90(w) x 9.20(h) x 0.70(d)

About the Author

Michael W. Lucas is a network/security engineer who keeps getting stuck with network problems nobody else wants to touch. He is the author of the critically acclaimed Absolute FreeBSD, Absolute OpenBSD, Cisco Routers for the Desperate, and PGP & GPG, all from No Starch Press.

Table of Contents

Dedication
ACKNOWLEDGMENTS
INTRODUCTION
Network Administration and Network Management
Network Management Tools
Enough Griping: What's the Solution?
Flow-Tools and Its Prerequisites
Flows and This Book
Chapter 1: FLOW FUNDAMENTALS
1.1 What Is a Flow?
1.2 Flow System Architecture
1.3 The History of Network Flow
1.4 Flows in the Real World
1.5 Flow Export and Timeouts
1.6 Packet-Sampled Flows
Chapter 2: COLLECTORS AND SENSORS
2.1 Collector Considerations
2.2 Sensor Considerations
2.3 Implementing the Collector
2.4 Installing Flow-tools
2.5 Running flow-capture
2.6 How Many Collectors?
2.7 Collector Log Files
2.8 Collector Troubleshooting
2.9 Configuring Hardware Flow Sensors
2.10 Configuring Software Flow Sensors
2.11 The Sensor: softflowd
Chapter 3: VIEWING FLOWS
3.1 Using flow-print
3.2 Setting flow-print Formats with -f
3.3 TCP Control Bits and Flow Records
3.4 ICMP Types and Codes and Flow Records
Chapter 4: FILTERING FLOWS
4.1 Filter Fundamentals
4.2 Useful Primitives
4.3 Filter Match Statements
4.4 Using Multiple Filters
4.5 Logical Operators in Filter Definitions
4.6 Filters and Variables
Chapter 5: REPORTING AND FOLLOW-UP ANALYSIS
5.1 Default Report
5.2 Modifying the Default Report
5.3 Analyzing Individual Flows from Reports
5.4 Other Report Customizations
5.5 Useful Report Types
5.6 Customizing Reports
Chapter 6: PERL, FLOWSCAN, AND CFLOW.PM
6.1 Installing Cflow.pm
6.2 flowdumper and Full Flow Information
6.3 FlowScan and CUFlow
6.4 FlowScan Prerequisites
6.5 Installing FlowScan and CUFlow
6.6 Flow Record Splitting and CUFlow
6.7 Using Cflow.pm
Chapter 7: FLOWVIEWER
7.1 FlowTracker and FlowGrapher vs. CUFlow
7.2 FlowViewer Security
7.3 Installing FlowViewer
7.4 Configuring FlowViewer
7.5 Using FlowViewer
7.6 FlowGrapher
7.7 FlowTracker
7.8 Interface Names and FlowViewer
Chapter 8: AD HOC FLOW VISUALIZATION
8.1 gnuplot 101
8.2 Time-Series Example: Bandwidth
8.3 Automating Graph Production
8.4 Comparison Graphs
Chapter 9: EDGES AND ANALYSIS
9.1 NetFlow v9
9.2 sFlow
9.3 Problem Solving with Flow Data
9.4 Afterword
UPDATES

Customer Reviews

Network Flow Analysis 5 out of 5 based on 0 ratings. 1 reviews.
INDEPENDENTREVIEWER More than 1 year ago
Are you a network administrator who wants to build a flow-based network management system? If you are, then this book is for you. Author Michael W. Lucas has done an outstanding job of writing a book that shows you how to build a flow-based network management system out of any free Unix-like operating system, freely available software, and existing network hardware. Lucas begins by introducing flows. Next, the author discusses flow export and how to configure it in both hardware and software, as well as how to collect those flow records from many different network devices using the industry-standard flow-tools software package. Then, he shows you how to view the flow records you've gathered. The author continues by demonstrating filtering flows that display only interesting data. Next, he shows you how flow-tools support a wide variety of reports. Then, he covers FlowScan, web-based software that offers traffic graphs to your users. The author continues by covering FlowViewer, another web-based tool that lets you deeply dissect your traffic. Next, he shows you how to use gnuplot to create graphs of truly arbitrary flow data. Finally, the author discusses some flow collection edge cases and how you can use flow records to proactively improve your network. This most excellent book provides the tools and real-world examples you need to effectively analyze your network flow data. In other words, now you can determine what the network problem is long before your customers report it.