Hi,
Whats the best way to identify network behavior?? Behavior of the ports/interfaces and routers? I can get data and analyse the traffic but trying to search for a pattern for a meaningful classification. Any help appreciated.
Thank you
Hi Thanks for the quick info. My goal here is that i want to categorize the behavior of my interfaces depending on factors like ingress/egress traffic. I have all the data with me. By end of this exercise I want to determine which ports I can get rid of or which is having the least activity.
jillika iyer
2010-08-05 14:06:30
I think I need to use some kind of pattern recognition to do this. But unable to get a lead.
jillika iyer
2010-08-05 14:07:04
I added another entry for WireShark. I think with both, specifically WireShark, you can color code endpoints and filter by them. So, I think you may be able to see where the heavy and light hitters as far as ports go if that's what you're after.
Ryan Hayes
2010-08-05 15:05:47
A:
I would say Ethereal is the best tool out there.
It was some time since I used it, but by what I remember you could choose a number of filters and features like that which made it very clear what was going on.
Marcus Johansson
2010-08-05 13:59:37
A:
WireShark is a great tool, too.
Features are similar to other, but one is the exporting to CSV. You could then import the CSV into Excel and run some analysis there.
Ryan Hayes
2010-08-05 15:03:37