ra in clients distribution
Russell Fulton
r.fulton at auckland.ac.nz
Thu Jun 19 18:20:09 EDT 2003
Hi All,
I've been trying to look for traffic from the new trojan that sends syn
packets with specific window size and options set. I can do this with
raxml but it is a pain because
A. its slow (lots of formatting) and
B. output is spread over multiple lines so I cant post process
using grep.
However I notice that the -s switch on the ra in the client distro can
be used to display window and option information in normal display. The
problem is that I could not make it work. Is it supposed to at the
moment? I admit I did not spend much time on it...
--
Russell Fulton, Network Security Officer, The University of Auckland,
New Zealand.
More information about the argus
mailing list