General discussion

Locked

Open Source NCP Packet Logging

By jfunke ·
Our company has a legal requirement to log all file access to a Netware 4 file server. Half the clients are using TCP the other half are on IPX. There are plenty of solutions to grab the first few snaplen of the TCP packets to log access to the server from an independant BSD station running in promisc.

I have yet to find a solution to capture just enough of the IPX traffic to decode the NCP protocol enough to see what user was access which file on the server.

So far tethereal has come very close but it wants to grab the entire packet before decoding it and we are going through 10GB per day of storage.

I need a way to log these file server connections in a searchable format. It can be messy - it just needs to be searchable.

We do have Sniffer from NA available to us commercially if it helps.

This conversation is currently closed to new comments.

1 total post (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Open Source NCP Packet Logging

by Mike O In reply to Open Source NCP Packet Lo ...

I don't have a specific answer, sorry, but try surfing around SourceForge.net. There may be an open source project available that will do what you need.

Good luck!

Back to Linux Forum
1 total post (Page 1 of 1)  

Related Discussions

Related Forums