If your running argus for the first few times, get a packet file from one of the IP packet repositories, such as pcapr and process them with argus(). How many hosts are talking, who is talking to whom, how often, is one address sending all the traffic, are they doing the bad thing? Argus is designed to generate network flow status information that can answer these and a lot more questions that you might have. If you have packets, and want to know something about whats going on, argus() is a great way of looking at aspects of the data that you can't readily get from packet analyzers. Analysing Packet FilesĪrgus processes packet data and generates summary network flow data.
ARGUS MONITOR STANDING HOW TO
How to compile and install is described in the distribution file INSTALL that is in each package. Argus has been ported to all flavors of Linux, and most Unixes that are available, including Solaris. If you feel like just starting on one of the basic projects that sites are doing, this page should point you in the right direction.Īrgus is supplied as source code, so to really get started you need to compile and install the software onto a ported system. Usually, just those first steps get you thinking as to how you can use argus to solve one of your problems.
ARGUS MONITOR STANDING MAC OS
The best way to get started using argus, is to get the argus and client software from here, compile it on one of your Mac OS X, Linux, Unix or Cygwin enabled Windows systems, and play around with analyzing a few packet streams, to see how it basically works.
0 kommentar(er)
