#2 traffic_type with /etc/protocols & /etc/services

open
nobody
None
5
2003-07-17
2003-07-17
Guido Brugnara
No

# from original source, Stable version 0.96b7 (with
security patch) ipaudit-web-0.96b7.tgz
# path to read protocol type from /etc/services
# protocols from /etc/protocols
# author "Guido Brugnara" <gdo@leader.it>
#

EXAMPLE:
---------------------------------------------------------------------
# gunzip -c ../data/30min/2003-07-16-07\:*.txt.gz |
./traffic_type
# protocol both incoming
outgoing protocol description
# -------- ---- --------
-------- -------------------------
domain 1,309,147 516,575
792,572 (53/udp) Domain Name Server
www-http 770,252 632,544
137,708 (80/tcp) World Wide Web HTTP
ESP 192,202 76,560
115,642 (50) Encapsulating Security Payload
smtp 106,137 69,689
36,448 (25/tcp) mail # Simple Mail Transfer
ssh 47,885 20,792
27,093 (22/tcp) SSH Remote Login Protocol
isakmp 44,558 22,368
22,190 (500/udp) isakmp
https 10,953 7,820
3,133 (443/tcp) http protocol over TLS/SSL
microsoft-ds 7,098 4,670
2,428 (445/tcp) Microsoft-DS
domain 4,148 1,622
2,526 (53/tcp) Domain Name Server
ms-sql-m 2,090 2,090
0 (1434/udp) Microsoft-SQL-Monitor
ICMP 1,687 70
1,617 (1) internet control message protocol
netbios-ns 1,104 1,104
0 (137/udp) NETBIOS Name Service
time 614 276
338 (37/tcp) Time
netarx 418 418
0 (1040/udp) Netarx
ident 116 62
54 (113/tcp) auth # Authentication Service
other
TOTAL 2,498,409 1,356,660
1,141,749

Discussion

  • Guido Brugnara
    Guido Brugnara
    2003-07-17

    traffic_type with /etc/protocols & /etc/services

     
    Attachments