flow-tools information

Flow-tools is a software package for collecting and processing NetFlow data from Cisco and Juniper routers.

Overview

Mailing list

Searchable archive hosted by mail-archive.com .

Man pages for 0.67.

Latest Stable Version (0.66) -- Working flow-nfilter and flow-report.

Latest Version (0.68).

MD5 Signatures.

RPM's

Archive of other releases

ChangeLog

A few thoughts on NetFlow security

Archive of mailing list when it was at OSU

Reports for Abilene generated with flow-tools using flow-stat.

Reports for Abilene generated with flow-tools and new flow-report (work in progress). How to obtain raw Abilene NetFlow data.

January 2002 NLANR/Joint Techs workshop flow-tools tutorial

June 2002 OARTech Ohio-Gigapop traffic measurements with flow-tag.

Lisa 2000 paper

Infonet Technical Report 2001-12 : Analysis of Interdomain traffic (uses flow-tools and cflowd)

SANS: Security applications for Cisco NetFlow data

SecurityFocus Detecting Worms and Abnormal Activities with NetFlow, Part 1 Part 2

University of Chicago Network Forensics tools used with flow-tools

flow-tools with RRD at MNSCU. Daily and Weekly reports, Host utilization.

Dave Plonka's FlowScan

FlowScan at UW

Tips on configuring FlowScan with flow-tools.

Dynamic Networks Tutorial using FlowScan and CUFlow with flow-tools.

Dave Plonka's Perl module

Robin Sommer's Python module

Jan Kneschke has has written flow-tools support into his Modular Log File Analyzer.

Simon Leinen maintains a page with links to other NetFlow implementations

Vlad Kropachew has some php scripts for analyzing flow files in near realtime.

Stager: A system for aggregating and presenting network statistics. Uses flow-tools as a back end.