looking for ideas...

poncenby smythe smythe at poncenby.plus.com
Wed Nov 15 17:41:07 EST 2006

Previous message (by thread): ArgusEye GUI initial release
Next message (by thread): looking for ideas...
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

List,

Does anyone know how to get the top 10 or just top IP which initiates 
the most meaningful* connections?

By meaningful I mean flows that can be programmatically determined to be 
human/scheduled events with reasonable payloads and meaning, aiming to 
eliminate the IPs which repeatedly scan and could conceivably be the top 
flow initiator.

Hope it makes sense,

poncenby

Previous message (by thread): ArgusEye GUI initial release
Next message (by thread): looking for ideas...
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the argus mailing list