Implementation of data collection tools using NetFlow for statistical ...

More documents

Recommendations

Info

2 Theoretical background Illustration 3: NetFlow overview It is worth mentioning that a TCP header is only 20 bytes in size [51]. See appendix 8.2 for information on how to configure NetFlow on Cisco devices. 2.5 sFlow Much like NetFlow, sFlow collects network traffic information for use in monitoring the network. It is an industry standard, which means it is supported on a majority of devices. It too sends network traffic information to a collector for further analysis. This collector is a computer running any of the many available programs for gathering flow-data. It works by sampling the network traffic – that is, it tags packets, one out of every N packets, and send it to the collector. The marked packet's header information is saved into a new packet and sent to the collector once it reaches 1500 bytes (the maximum size for a packet). Along with the header information from packets, information about the sampling rates and interface id are also included. This type of sampling is called random sampling. The other type of sampling method involves basing the samples on a time-based polling interval and is called counter sampling. [39] [40] [41] [42] [43][46] 2.6 IPFIX Internet Protocol Flow Information Export (IPFIX) is a protocol created by the IETF in an attempt to create a common universal standard for flow information from routers and other devices, eliminating the need for a specific vendor to create a version of its own [44]. Being based on Cisco's NetFlow version 9, the characteristics for defining a flow are the same - same source, same 19
2 Theoretical background destination and so on. 2.7 Linux Linux is a Unix-like kernel originally developed by Linus Torvalds while he was a student at the University of Helsinki. It was officially released on October 5 th , 1991 as open source software. Linux teamed up with the GNU system which supplied programs such as the X Window System, the BASH shell and other various programs. Together they formed a complete Operating System with Linux as the underlying kernel. Linux is licensed under the GNU General Public License and are together called GNU/Linux. [29] There are several different distributions of GNU/Linux available, each aimed for their specific market. One distribution might be optimized for size and may not include the X Window System or advanced word processors. One distribution might be aimed toward the server market and focus their applications toward server-based programs and services. What they all share in common is the underlying system - the kernel. Regardless of distribution, the kernel is the same in every one. Illustration 4: Components of a Linux distribution. Image courtesy of Erik Streb 2.7.1 Ubuntu Ubuntu Server is a distribution released by Canonical Ltd., aimed towards server use. It does not come with a graphical user interface, such as the X Window System, and is thus purely text-based. Ubuntu Server's package manager is dpkg, the same as Debian uses, which is another popular distribution. Graphical front ends such as Synaptic are available. 2.7.2 Cron Cron is a program which allows automatic execution of commands or scripts based on a schedule. It runs as a daemon to ensure its availability and is the default scheduler in Linux systems, while at 20
Page 1: Basic level CDT307 Implementation o
Page 4 and 5: Abstract Defending against Dos- and
Page 6 and 7: Acknowledgments I would like to tha
Page 8 and 9: 4.4.2 Problems with storing the dat
Page 10 and 11: Definitions & Terminology AS / ASn
Page 12: VirtualBox Virtualization software
Page 15 and 16: 1 Introduction Holmqvist, who still
Page 17 and 18: 1 Introduction 14
Page 19 and 20: 2 Theoretical background hand held
Page 21: 2 Theoretical background • Well k
Page 25 and 26: 2 Theoretical background A simple B
Page 27 and 28: 2 Theoretical background As derived
Page 29 and 30: 3 Problem analysis solution or some
Page 31 and 32: 4 Implementation • Peakflow by Ar
Page 33 and 34: 4 Implementation at is Munin [15],
Page 35 and 36: 4 Implementation Illustration 9: Qu
Page 37 and 38: 4 Implementation Illustration 11: S
Page 39 and 40: 4 Implementation appendix, chapter
Page 41 and 42: 4 Implementation 4.4.2.1 pmacct Pro
Page 43 and 44: 4 Implementation After several days
Page 45 and 46: 5 Results 5 Results Several conclus
Page 47 and 48: 6 Summary and conclusions 6 Summary
Page 49 and 50: 7 References [13] “Cacti” http:
Page 51 and 52: 7 References Page last updated: Jan
Page 53 and 54: 7 References http://www.openbgpd.or
Page 55 and 56: 8 Appendix 8.2 Enabling NetFlow on
Page 57 and 58: 8 Appendix nfacctd_as_new: bgp ! pm
Page 59 and 60: 8 Appendix echo $IN OUT=$(echo $OUT
Page 61 and 62: 8 Appendix which # contain the data

Implementation of data collection tools using NetFlow for statistical ...

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?