Wireshark mailing list archives

Number of connections to host IP address?

From: dkraut <dkraut () gmail com>
Date: Thu, 3 Dec 2009 14:58:57 -0500

I've been asked to find out if Wireshark has the ability to determine the
active number of connections at a given time?  For example, If I perform
a capture of all traffic to/from our DB server from 3pm to 4pm, is there
anyway to tell how many active connections there were to the DB IP address
at 3pm, 3:15pm, 3:30pm, etc.?

The problem we're trying to solve here is that there appear to be far too
many connections to this server at certain times during the day and the
server admins believe that someone is attacking the server in someway and
have asked me to investigate for any anomalies

Thanks!

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe

Current thread:

Number of connections to host IP address? dkraut (Dec 03)
- Re: Number of connections to host IP address? Sake Blok (Dec 03)
- Re: Number of connections to host IP address? Jaap Keuter (Dec 03)
  - Re: Number of connections to host IP address? Sheahan, John (Dec 04)
    - Re: Number of connections to host IP address? Mathew Brown (Dec 04)
- Re: Number of connections to host IP address? James Taylor (Dec 07)
  - Re: Number of connections to host IP address? John Hinckley (Dec 07)
    - Re: Number of connections to host IP address? Hansang Bae (Dec 11)