3.0 and top talkers
Christopher Jones
ccjones007 at gmail.com
Wed Sep 13 13:21:54 EDT 2006
Richard,
While not developer of Argus, I would agree with your suggestion of
using of a wiki. It could help document Argus and be a place for
information on 'how-to use' Argus. I think the man pages and help (
-h ) information is great but a wiki might help the, 'how exactly do i
...' questions. My two cents anyways.
Chris
On 9/13/06, Richard Bejtlich <taosecurity at gmail.com> wrote:
> On 9/11/06, Carter Bullard <carter at qosient.com> wrote:
> >
> > Hey Chris,
> > This function is now done using racluster(). It's almost ragator()
> > but with more functionality. To do a top talkers for say IP addresses
> > (racluster can do it for any object in the record, top mac addrs, top
> > tos bytes, top mpls label, top vlan, top port, top ttl, etc....):
>
> Hi all,
>
> This is just the sort of info that would be good for a Wiki. I think
> www.argus-docs.org was dead the last time I checked. Is there a
> replacement?
>
> If not, we may want to use wiki.sguil.net, which is a home for network
> security monitoring-related information.
>
> Thank you,
>
> Richard
>
More information about the argus
mailing list