Thank you for your comments, but it's not what I asked for. ntop is a real-time traffic analyzer. I want to take an existing tcpdump file, open it and analyze it (look for top-talkers, app' flows, etc.). This is more of post-analysis.

Thanks,
-Z

> On Thu, 14 Aug 2003 zidanat_private wrote:
>
> > I can open it in ethereal and use filters to check certain things, but I
> > would like to check top-talkers, application flows... things like that.
>
> start with some of the following tools:
>
> - aguri
>     will help you identify the top talkers, ports, etc ...
> - argus
>     will help you get a flow based approach to this
> - softflowd
>     can convert to netflow v1 for you
> - tcpflow
>     can help reconstruct streams/flows
> - ntop
>     can help you identify top talkers
>
> these are just a few of the tools i use to slice through my pcap data.
>
> ___________________________
> jose nazario, ph.d. joseat_private
> http://monkey.org/~jose/

_______________________________________________
LogAnalysis mailing list
LogAnalysisat_private
http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Thu Aug 14 2003 - 09:48:11 PDT
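The post-analysis asked about in this thread (top talkers from a saved tcpdump file) can also be sketched directly against the capture format. The following is an added example, not part of the original messages and not code from any of the tools named: it reads a classic libpcap file and totals on-wire bytes per IPv4 source. It assumes an Ethernet capture; `top_talkers` and `sample_pcap` are hypothetical names, and the packets are constructed.

```python
import io
import struct
from collections import Counter

def top_talkers(stream, n=10):
    """Return [(src_ip, bytes)] for IPv4 senders in a classic pcap stream."""
    header = stream.read(24)
    if len(header) < 24:
        raise ValueError("truncated pcap global header")
    magic = header[:4]
    if magic == b"\xd4\xc3\xb2\xa1":
        endian = "<"            # written on a little-endian host
    elif magic == b"\xa1\xb2\xc3\xd4":
        endian = ">"            # written on a big-endian host
    else:
        raise ValueError("not a classic microsecond pcap file")
    linktype = struct.unpack(endian + "I", header[20:24])[0]
    if linktype != 1:           # 1 = LINKTYPE_ETHERNET
        raise ValueError("only Ethernet captures are handled here")
    totals = Counter()
    while True:
        rec = stream.read(16)   # per-packet header: ts_sec, ts_usec, caplen, wirelen
        if len(rec) < 16:
            break               # clean EOF or truncated trailing record
        _sec, _usec, caplen, wirelen = struct.unpack(endian + "IIII", rec)
        frame = stream.read(caplen)
        if len(frame) < caplen:
            break               # capture cut off mid-packet
        # Need Ethernet (14) + minimal IPv4 header (20), EtherType 0x0800, version 4
        if caplen < 34 or frame[12:14] != b"\x08\x00" or frame[14] >> 4 != 4:
            continue
        src = ".".join(str(b) for b in frame[26:30])
        totals[src] += wirelen  # on-wire length, so a short snaplen does not skew totals
    return totals.most_common(n)

def sample_pcap():
    """Constructed three-packet capture (not real traffic)."""
    def pkt(src, wirelen):
        eth = b"\x00" * 12 + b"\x08\x00"
        ip = (bytes([0x45, 0]) + struct.pack(">H", wirelen - 14) + b"\x00" * 8
              + bytes(src) + bytes([192, 0, 2, 1]))
        frame = eth + ip        # only the headers are "captured", as with a small snaplen
        return struct.pack("<IIII", 0, 0, len(frame), wirelen) + frame
    glob = struct.pack("<IHHiIII", 0xa1b2c3d4, 2, 4, 0, 0, 65535, 1)
    return glob + pkt([10, 0, 0, 5], 1514) + pkt([10, 0, 0, 9], 60) + pkt([10, 0, 0, 5], 400)

if __name__ == "__main__":
    for ip, nbytes in top_talkers(io.BytesIO(sample_pcap())):
        print(f"{ip:15} {nbytes}")
```

For a file on disk, pass `open(path, "rb")` instead of the in-memory stream; VLAN-tagged frames, IPv6 and pcapng files are skipped or rejected by this sketch.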