new argus-clients-3.0.7.14 on the server

Carter Bullard carter at qosient.com
Tue Aug 20 10:59:03 EDT 2013


Gentle people,
New client code up on the server.  This release fixes all
known bugs that have been reported on the list, as well as
having major modifications to rapath().

New code has been added as guards around the reported
label problems, but I am not sure that it has fixed
the problem.  If we could test that, that would be great !!!

We've made some big changes to rapath().  rapath() extracts
topology information from argus data.  Basically it takes all
data that has ICMP TXD messages mapped to it, and tabulates path
information where it can.  This has the effect of capturing all
traceroutes() that are observed by argus, regardless of the
technique: UDP, TCP or ICMP based, whether it's vanilla or Paris method,
or several of the proprietary strategies seen in intrusions.

We've changed the default output of the graph that rapath.1
generates (using the -A option) to include the srcid, saddr
and daddr, so that you can build topology from just the
graphs.  I'll add the stime and duration as well, but need
to figure out some command line options to control all these
new fields.  Also rapath() is going to get a realtime mode,
currently, it's a "read a file, generate some output" type of
tool.

Please grab this code and give it a run.  I'm hoping to
release 3.0.7.x as 3.0.8 in the next month, so if there are
any gotchas, don't hold back.

Carter
