Is there a way to monitor outbound “well known ports” through the DMZ? All that should be going out from our server is HTTP and FTP traffic. I’d like to be able to tell if something fishy is going on.
Article Comments
Well, for TCP-Ports you could use the Port-Sensor in PRTG, but that would mean one sensor per TCP-Port. To monitor traffic on certain ports, you would have to use either Netflow/Sflow-Sensors or Packet Sniffing Sensors (which requires both certain networking gear of course).
Sep, 2011 - Permalink
and would it be possible to monitor some application traffic ? like msn, skype, itunes etc... these application have signatures in the data/header to recongnize them.
Sep, 2011 - Permalink
PRTG can only detect traffic from these applications if these applications run their traffic on a certain port (per application), then you can use Custom (Netflow/Sflow or Packet Sniffing) Sensors with your own channel definitions to monitor the traffic of these applications.
Sep, 2011 - Permalink
Hello,
do you want to monitor the ports being open or not? Or the traffic on those ports?
best regards.
Sep, 2011 - Permalink