

Networking & Information Security
Texas A&M University


Netlog

Netlog is no longer being maintained. The source code and all information on Netlog are still available below.

Netlog is a set of network monitoring tools for intrusion detection. It contains logging systems for both TCP and UDP traffic. Also included is the Netwatch tool, which monitors certain TCP/IP services for activity that indicates possible intruder presence.

The following programs are included:
  • tcplogger -  Log all TCP connections on a subnet
  • udplogger -  Log all UDP sessions on a subnet
  • extract   -  Process log files created by tcplogger or udplogger
All of these programs require an ANSI C compiler.  Tcplogger and udplogger use the SunOS 4.x Network Interface Tap (nit) or SunOS 5.x Data Link Provider Interface (DLPI).

To build the programs:
  1. Edit the Makefile to select either SunOS 4.x or SunOS 5.x (Solaris)
  2. Enter 'make'
You will end up with binaries in the 'bin' directory.

If you are using 'gcc', do not turn on optimization for tcplogger or udplogger.  Also, if 'fix-includes' was not run, then you must use the '-traditional' flag.  To be safe, use it anyway.

The latest versions of tcplogger, udplogger, and extract are available from: ftp://net.tamu.edu/pub/security/TAMU/



Last Updated: Mon, Jun 29, 2009