Question about flow direction classification
Matt Brewer
hilather at gmail.com
Tue Nov 10 18:31:51 EST 2009
Hello,
I'm currently doing a research project on Network flows and my team is using Argus to perform most of our analysis. I'm not sure if this is the best place to ask questions like this, if I'm in the wrong place please let me know.
I've noticed that a number of network flows that I would generally classify as bi-directional are actually classified by Argus with -> which would be uni-directional (I assume this is flow of payload data). Many SSH flows appear with this direction. Can you explain this behavior? Also, I've spent quiet some time reading through the numerous man pages on the different Argus tools, are there any papers that explain the inner workings of Argus? I'm interested in materials that explain how some of the not so obvious information is derived.
===========================
| Matt Brewer
| CCNA
| www.sheridantutorials.com
===========================
More information about the argus
mailing list