Application flooding with zero bytes packets...
carter at qosient.com
carter at qosient.com
Thu Apr 5 19:31:29 EDT 2007
If argus is configured to generate application byte information, you should be able to filter the records that don't have any data using:
ra -r file - src appbytes eq 0
Carter
Carter Bullard
QoSient LLC
150 E. 57th Street Suite 12D
New York, New York 10022
+1 212 588-9133 Phone
+1 212 588-9134 Fax
-----Original Message-----
From: real.melancon at videotron.ca
Date: Thu, 05 Apr 2007 17:25:53
To:argus-info at lists.andrew.cmu.edu
Subject: [ARGUS] Application flooding with zero bytes packets...
Hello List,
This question is not related to Argus specifically. But we have an application flooding a server with zero-bytes packets over a specific TCP port. How would I identify it with Argus ?
Thanks.
Real.
____________________________
Réal Melançon
More information about the argus
mailing list