On Nov 22, 2006, at 12:37 PM, Netfortius wrote:
>> I wonder if someone knows a tool to use a tcpdump output for anomaly
>> detection. It is sometimes really time consuming when looking for
>> identical patterns in the tcpdump output.
For this sort of thing, you can do it far more scalably with NetFlow. There are several good commercial NetFlow-based anomaly-detection systems (Arbor, Lancope, Narus, Q1, etc.) and even an open-source project (currently fallow) called Panoptis.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins cisco.com> // 408.527.6376 voice
All battles are perpetual.
-- Milton Friedman
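The reply's point is that collapsing packets into flow records (the 5-tuple plus packet and byte counts, as NetFlow exports) lets you look for patterns per source or per service instead of reading packet lines one by one. The following is an added example, not code from the original thread or from any of the products named in it: it parses constructed `tcpdump -n` style lines (sample data, not a real capture), aggregates them into unidirectional flow records, and applies one simple flow-level rule, flagging a source whose number of client-initiated connections to distinct services is far above its peers. The rule, thresholds and function names are assumptions for illustration; the commercial tools mentioned use their own, more elaborate models.

```python
"""Collapse packet-level tcpdump text into flow records and flag anomalies.

Added example; not part of the original mailing-list post. The input below
is constructed to look like `tcpdump -n` output for IPv4/TCP and is not real
capture data. The detection rule (SYN fan-out well above the peer median)
is an illustrative heuristic, not how Arbor, Lancope, Narus, Q1 or Panoptis
actually work.
"""
import re
import statistics
from collections import defaultdict
from dataclasses import dataclass

# Constructed sample: two ordinary clients (10.0.0.5, 10.0.0.6), a server
# (10.0.0.9) answering them, and one host (10.0.0.7) probing many ports.
SAMPLE_LINES = """\
12:37:01.000001 IP 10.0.0.5.51234 > 10.0.0.9.80: Flags [S], seq 1, win 64240, length 0
12:37:01.000101 IP 10.0.0.9.80 > 10.0.0.5.51234: Flags [S.], seq 100, ack 2, win 65160, length 0
12:37:01.000201 IP 10.0.0.5.51234 > 10.0.0.9.80: Flags [P.], seq 2:122, ack 101, win 502, length 120
12:37:01.000301 IP 10.0.0.9.80 > 10.0.0.5.51234: Flags [P.], seq 101:1501, ack 122, win 509, length 1400
12:37:01.000401 IP 10.0.0.5.51235 > 10.0.0.9.443: Flags [S], seq 1, win 64240, length 0
12:37:01.000501 IP 10.0.0.6.42000 > 10.0.0.9.80: Flags [S], seq 1, win 64240, length 0
12:37:02.000001 IP 10.0.0.7.40001 > 10.0.0.9.21: Flags [S], seq 1, win 1024, length 0
12:37:02.000002 IP 10.0.0.9.21 > 10.0.0.7.40001: Flags [R.], seq 0, ack 2, win 0, length 0
12:37:02.000003 IP 10.0.0.7.40002 > 10.0.0.9.22: Flags [S], seq 1, win 1024, length 0
12:37:02.000004 IP 10.0.0.7.40003 > 10.0.0.9.23: Flags [S], seq 1, win 1024, length 0
12:37:02.000005 IP 10.0.0.7.40004 > 10.0.0.9.25: Flags [S], seq 1, win 1024, length 0
12:37:02.000006 IP 10.0.0.7.40005 > 10.0.0.9.80: Flags [S], seq 1, win 1024, length 0
12:37:02.000007 IP 10.0.0.7.40006 > 10.0.0.9.110: Flags [S], seq 1, win 1024, length 0
12:37:02.000008 IP 10.0.0.7.40007 > 10.0.0.9.143: Flags [S], seq 1, win 1024, length 0
12:37:02.000009 IP 10.0.0.7.40008 > 10.0.0.9.443: Flags [S], seq 1, win 1024, length 0
"""

# Header of a tcpdump -n IPv4 line: "<ts> IP <src>.<sport> > <dst>.<dport>:"
HEADER_RE = re.compile(
    r"^(?P<ts>\S+) IP (?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+):"
)
FLAGS_RE = re.compile(r"Flags \[([^\]]*)\]")   # TCP flag string, e.g. "S", "S.", "P."
LENGTH_RE = re.compile(r"length (\d+)")        # TCP payload length as tcpdump prints it


@dataclass
class Flow:
    """One unidirectional flow record, the same shape a NetFlow export carries."""
    packets: int = 0
    payload_bytes: int = 0
    initiated: bool = False  # this side sent a bare SYN, i.e. it is the client


def parse_packets(text):
    """Turn tcpdump text into per-packet dicts; lines that are not IPv4/TCP are skipped."""
    packets = []
    for line in text.splitlines():
        m = HEADER_RE.match(line)
        if not m:
            continue
        flags = FLAGS_RE.search(line)
        length = LENGTH_RE.search(line)
        packets.append({
            "src": m["src"], "sport": int(m["sport"]),
            "dst": m["dst"], "dport": int(m["dport"]),
            "flags": flags.group(1) if flags else "",
            "length": int(length.group(1)) if length else 0,
        })
    return packets


def build_flows(packets):
    """Aggregate packets into flows keyed by (src, sport, dst, dport)."""
    flows = defaultdict(Flow)
    for p in packets:
        f = flows[(p["src"], p["sport"], p["dst"], p["dport"])]
        f.packets += 1
        f.payload_bytes += p["length"]
        if p["flags"] == "S":  # bare SYN marks the initiating side; "S." is the reply
            f.initiated = True
    return dict(flows)


def syn_fanout(flows):
    """Per source: number of distinct (dst, dport) services it initiated flows to.

    Counting only initiated flows keeps a busy server (which answers many
    peers) from looking like a scanner.
    """
    targets = {}
    for (src, _sport, dst, dport), f in flows.items():
        targets.setdefault(src, set())
        if f.initiated:
            targets[src].add((dst, dport))
    return {src: len(t) for src, t in targets.items()}


def flag_fanout_anomalies(fanout, factor=3.0, min_fanout=5):
    """Flag sources whose fan-out exceeds max(min_fanout, factor * peer median)."""
    if not fanout:
        return []
    threshold = max(min_fanout, factor * statistics.median(fanout.values()))
    return sorted((src, n) for src, n in fanout.items() if n > threshold)


if __name__ == "__main__":
    flows = build_flows(parse_packets(SAMPLE_LINES))
    fanout = syn_fanout(flows)
    for src, n in sorted(fanout.items()):
        print(f"{src:<10} initiated flows to {n} distinct service(s)")
    for src, n in flag_fanout_anomalies(fanout):
        print(f"ANOMALY {src}: SYN fan-out {n} exceeds peer baseline")
```

On the sample above the fifteen packet lines collapse to thirteen flow records, and only 10.0.0.7 is reported; the server 10.0.0.9 has a fan-out of zero because its flows are all replies. Real NetFlow records already arrive in this aggregated form, so the parsing step disappears and only the per-source statistics remain, which is where the scalability the reply refers to comes from.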