Flow-tools is a software package for collecting and processing NetFlow data from Cisco and Juniper routers.
Searchable archive hosted by mail-archive.com .
Man pages for 0.67.
Latest Stable Version (0.66) -- Working flow-nfilter and flow-report.
Latest Version (0.68).MD5 Signatures.
Archive of other releases
A few thoughts on NetFlow security
Archive of mailing list when it was at OSU
Reports for Abilene generated with flow-tools using flow-stat.
Reports for Abilene generated with flow-tools and new flow-report (work in progress). How to obtain raw Abilene NetFlow data.
January 2002 NLANR/Joint Techs workshop flow-tools tutorial
June 2002 OARTech Ohio-Gigapop traffic measurements with flow-tag.
Lisa 2000 paper
Infonet Technical Report 2001-12 : Analysis of Interdomain traffic (uses flow-tools and cflowd)
SANS: Security applications for Cisco NetFlow data
SecurityFocus Detecting Worms and Abnormal Activities with NetFlow, Part 1 Part 2
University of Chicago Network Forensics tools used with flow-tools
flow-tools with RRD at MNSCU. Daily and Weekly reports, Host utilization.
Dave Plonka's FlowScan
FlowScan at UW
Tips on configuring FlowScan with flow-tools.
Dynamic Networks Tutorial using FlowScan and CUFlow with flow-tools.
Dave Plonka's Perl module
Robin Sommer's Python module
Jan Kneschke has has written flow-tools support into his Modular Log File Analyzer.
Simon Leinen maintains a page with links to other NetFlow implementations
Vlad Kropachew has some php scripts for analyzing flow files in near realtime.Stager: A system for aggregating and presenting network statistics. Uses flow-tools as a back end.