Security Basics mailing list archives
Re: Sniffering and Protocol Analyzer ?
From: lobo <lobo () c3a de>
Date: Mon, 09 Jul 2007 22:16:43 +0200
Hi Mohamed,

On Sun, 2007-07-08 at 12:59 +0300, Mohamed Farid wrote:
> I used Ethereal (Wireshark) but I couldn't get an easy output ... Can you advise what should I do?

I would recommend using the conversation list. You can find it in the menu under Statistics->Conversations. Switch to the IPv4 tab and sort the list by "Bytes" to find the host which might be the cause of that traffic utilization.

But I also want to mention that Wireshark is not always the best way to start when you want to analyze large pcap files. Some weeks ago there was a good article on the TaoSecurity blog about structured traffic analysis. If you are interested, here is the link:

http://taosecurity.blogspot.com/2007/05/lbnlicsi-enterprise-tracing-project.html

best regards,
jochen
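The per-conversation byte ranking described in the message above can also be computed without the GUI, which helps when a capture is too large to open comfortably. This is an added example, not part of the original message: it reads only classic pcap files with untagged Ethernet/IPv4 framing, and the function names and the sample capture are constructed for illustration.

```python
import struct
from collections import Counter
from ipaddress import IPv4Address

def conversations(pcap: bytes):
    """Return [((ip_a, ip_b), bytes)] per IPv4 host pair, largest first."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if len(pcap) < 24 or endian is None:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    if struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    totals, offset = Counter(), 24
    while offset + 16 <= len(pcap):
        _, _, incl_len, orig_len = struct.unpack(endian + "IIII", pcap[offset:offset + 16])
        frame = pcap[offset + 16:offset + 16 + incl_len]
        offset += 16 + incl_len
        if len(frame) < incl_len:
            break  # capture file was cut off mid-record
        # Need Ethernet (14 bytes) plus the IPv4 header up to the destination
        # address; anything that is not EtherType 0x0800 (ARP, VLAN, IPv6) is skipped.
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue
        pair = tuple(sorted((IPv4Address(frame[26:30]), IPv4Address(frame[30:34]))))
        totals[pair] += orig_len  # on-the-wire length, both directions combined
    return [((str(a), str(b)), n) for (a, b), n in totals.most_common()]

def _frame(src, dst, payload_len, ethertype=b"\x08\x00"):
    """Build a constructed Ethernet/IPv4 frame (checksums left at zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, 6, 0,
                     IPv4Address(src).packed, IPv4Address(dst).packed)
    return b"\x00" * 12 + ethertype + ip + b"\x00" * payload_len

def sample_pcap():
    """Constructed capture: three IPv4 frames and one non-IPv4 frame."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    frames = [_frame("10.0.0.5", "10.0.0.9", 1000),
              _frame("10.0.0.9", "10.0.0.5", 200),
              _frame("10.0.0.7", "10.0.0.9", 60),
              _frame("10.0.0.7", "10.0.0.9", 500, ethertype=b"\x08\x06")]
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    for (a, b), n in conversations(sample_pcap()):
        print(f"{a:<15} <-> {b:<15} {n:>8} bytes")
```

To use it on a real file, pass the file's bytes (for example `open(path, "rb").read()`) to `conversations`; for multi-gigabyte captures the same loop can be adapted to read record by record instead of loading the whole file.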