Results 1 to 4 of 4
Thread: Network analysis
-
09-02-2007, 11:09 AM #1Aspiring Evangelist
- Join Date
- May 2002
- Posts
- 388
Network analysis
Hello,
I am looking for a simple program to analyse my network and give me some information about a TCP/UDP attack. I would like to know only the attacker IPs and the destination IPs.
I have a server running with two NICs, one to access and the other one logging the traffic in promiscous mode.
I am running the program "ntop" but I couldnt identify an attack when it was on going.
Anyone have any advice ?█ The Cloud Platform for Bare Metal
█ Instant Deployment of High-Performance Bare Metal Servers in 15 cities globally
█ Latitude.sh (Formerly Maxihost)
-
09-02-2007, 01:46 PM #2Web Hosting Master
- Join Date
- Oct 2004
- Location
- Kerala, India
- Posts
- 4,771
Here is a simple code that helps you to find the number of connections to port 80 from a particular IP.
Code:netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -nk 1
David | www.cliffsupport.com
Affordable Server Management Solutions sales AT cliffsupport DOT com
CliffWebManager | Access WHM from iPhone and Android
-
09-02-2007, 02:56 PM #3WHT Addict
- Join Date
- Aug 2007
- Location
- Minneapolis
- Posts
- 111
Snort IDS
(10 character min)
-
09-02-2007, 10:04 PM #4WHT Addict
- Join Date
- Feb 2006
- Location
- Melbourne, Australia
- Posts
- 141
Dymestry Interactive | Australian Co-Location - Dymestry.com
Fully Managed Dedicated Servers And Co-Location (Sydney & Melbourne)