On Thu, 14 Aug 2003 zidan@popmail.com wrote: > I can open it in ethereal and use filters to check certain thigs, but I > would like to check top-talkers, application flows... things like that. start with some of the following tools: - aguri will help you identify the top talkers, ports, etc ... - argus will help you get a flow based approach to this - softflowd can convert to netflow v1 for you - tcpflow can help reconstruct streams/flows - ntop can help you identify top talkers these are just a few of the tools i use to slice through my pcap data. ___________________________ jose nazario, ph.d. jose@monkey.org http://monkey.org/~jose/ _______________________________________________ LogAnalysis mailing list LogAnalysis@lists.shmoo.com http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Thu Aug 14 2003 - 09:07:29 PDT