Size of first packet flow issue

John Gerth gerth at graphics.stanford.edu
Wed Jul 3 19:37:53 EDT 2013


It doesn't sound like Argus will do what you want, but there are many
network security tools available.  One useful collection is the
"Security Onion", which you can learn about and download from:
   http://sourceforge.net/projects/security-onion/

/John Gerth

On 7/3/2013 7:51 AM, Rahimeh Khodadadi wrote:
> I don't have any experience with OS fingerprinting.
> Are there any tools? Of course I know Wireshark, but it gives just packets, not flows.
> 
> 
> On Wed, Jul 3, 2013 at 7:07 PM, Carter Bullard <carter at qosient.com> wrote:
> 
>     No, argus can't do that.  Argus is a network audit system, not a packet capture system.
>     There is no purpose in auditing the first X packets.
> 
>     So you're interested in OS fingerprinting?
>     Carter
> 
> 
>     On Jul 3, 2013, at 10:24 AM, Rahimeh Khodadadi <rahimeh.khodadadi at gmail.com> wrote:
> 
>>     Hi,
>>     Thanks for your reply.
>>     But I want to capture the first 5 packets of every flow instead of capturing all of their packets.
>>     For example, if one TCP flow has 48 packets, it captures only the first 5 packets.
>>     Is it possible in argus?
>>
>>
>>     On Wed, Jul 3, 2013 at 6:13 PM, Carter Bullard <carter at qosient.com> wrote:
>>
>>         Hey Rahimeh,
>>         No, you can get the mean, max, min and stddev of packet size, but not the first.  And we track all the packets.
>>
>>         Carter
>>
>>         On Jul 3, 2013, at 3:40 AM, Rahimeh Khodadadi <rahimeh.khodadadi at gmail.com> wrote:
>>
>>>         Hi,
>>>
>>>         Is there nobody to answer me?
>>>
>>>
>>>         On Sat, Jun 29, 2013 at 10:37 AM, Rahimeh Khodadadi <rahimeh.khodadadi at gmail.com> wrote:
>>>
>>>             Hi,
>>>
>>>             I want to capture the first packet size of a flow. Is it possible to acquire it in Argus?
>>>             And I want to capture just 4 packets of a flow.
>>>             Please help me.
>>>
>>>             -- 
>>>             With Best Regards
>>>             Rahimeh Khodadadi
>>>
>>>
>>>
>>>
>>>         -- 
>>>         With Best Regards
>>>         Rahimeh Khodadadi
>>>
>>
>>
>>
>>     -- 
>>     With Best Regards
>>     Rahimeh Khodadadi
>>
> 
> 
> 
> 
> -- 
> With Best Regards
> Rahimeh Khodadadi
> 
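
As an added example (not part of the original thread and not Argus code): the per-flow "first N packets" selection asked about above, done in Python over the bytes of a classic pcap file. The function names, the bidirectional 5-tuple flow definition and the constructed sample capture (a 48-packet TCP flow, as in the thread's example, plus a short UDP flow) are assumptions of this example.

```python
import struct
from collections import defaultdict

def flow_key(ip):
    """Bidirectional 5-tuple key for a raw IPv4 TCP/UDP packet, else None."""
    if len(ip) < 20 or ip[0] >> 4 != 4:
        return None
    ihl, proto = (ip[0] & 0x0F) * 4, ip[9]
    if proto not in (6, 17) or len(ip) < ihl + 4:
        return None
    sport, dport = struct.unpack_from("!HH", ip, ihl)
    # Sort the endpoints so both directions map to the same flow.
    return (proto,) + tuple(sorted([(ip[12:16], sport), (ip[16:20], dport)]))

def first_n_per_flow(pcap, n=5):
    """Map each flow to the wire lengths of its first n packets.
    Input is the bytes of a classic pcap file with Ethernet link type."""
    magic = struct.unpack_from("<I", pcap, 0)[0]
    endian = "<" if magic in (0xA1B2C3D4, 0xA1B23C4D) else ">"
    flows, off = defaultdict(list), 24          # 24-byte global header
    while off + 16 <= len(pcap):
        _, _, incl, orig = struct.unpack_from(endian + "IIII", pcap, off)
        frame = pcap[off + 16: off + 16 + incl]
        off += 16 + incl
        if len(frame) < 14 or frame[12:14] != b"\x08\x00":
            continue                            # not IPv4 over Ethernet
        key = flow_key(frame[14:])
        if key is not None and len(flows[key]) < n:
            flows[key].append(orig)             # later packets are dropped
    return dict(flows)

def make_frame(src, dst, sport, dport, proto, payload_len):
    """Constructed Ethernet/IPv4 frame with a zeroed L4 header (sample data)."""
    l4 = struct.pack("!HH", sport, dport) + bytes((16 if proto == 6 else 4) + payload_len)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64,
                     proto, 0, bytes(src), bytes(dst))
    return bytes(12) + b"\x08\x00" + ip + l4

def sample_pcap():
    """Constructed capture: a 48-packet TCP flow and a 2-packet UDP flow."""
    c, s = (10, 0, 0, 1), (10, 0, 0, 2)
    frames = [make_frame(c, s, 40000, 80, 6, i) if i % 2 == 0
              else make_frame(s, c, 80, 40000, 6, i) for i in range(48)]
    frames += [make_frame(c, s, 5353, 53, 17, 30),
               make_frame(s, c, 53, 5353, 17, 60)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out
```

The first element of each list is the first-packet size of that flow; passing `n=4` gives the four-packet variant from the original question.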



More information about the argus mailing list