Snort mailing list archives
Re: Session statistics
From: Andreas Östling <andreaso () it su se>
Date: Fri, 22 Aug 2003 08:59:28 +0200 (CEST)
On Thu, 21 Aug 2003, John Creegan wrote:
I've searched the mail list archives and the snort website looking for the tool I need, and have not yet found it. Before I go off and create this tool, I'd like to know if there already is a tool which can take advantage of the session.log data to tell me: 1. Who the top talkers are 2. Where the hotspots on the network are.
It doesn't use session.log data, but it sounds like you need Argus. It can do the above things and much, much, much more. http://www.qosient.com/argus/ or recent snapshots at ftp://ftp.qosient.com/dev/argus-2.0/ /Andreas ------------------------------------------------------- This SF.net email is sponsored by: VM Ware With VMware you can run multiple operating systems on a single machine. WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the same time. Free trial click here:http://www.vmware.com/wl/offer/358/0 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Session statistics John Creegan (Aug 21)
- Re: Session statistics Erek Adams (Aug 21)
- Re: Session statistics Andrew R. Baker (Aug 22)
- Re: Session statistics Andreas Östling (Aug 22)
- Prevent ARP attack on NIDS sniffer. Sam Wun (Aug 24)
- Re: Prevent ARP attack on NIDS sniffer. Edin Dizdarevic (Aug 25)
- Re: Prevent ARP attack on NIDS sniffer. Erek Adams (Aug 25)
- Prevent ARP attack on NIDS sniffer. Sam Wun (Aug 24)
- Re: Session statistics Bamm Visscher (Aug 22)
- <Possible follow-ups>
- Re: Session statistics Richard Bejtlich (Aug 25)
- Re: Session statistics Erek Adams (Aug 21)