A newer tool called tcpflow complements tcpdump and provides a way to do protocol flow analysis and to properly reconstruct data streams, regardless of packet order or retransmissions.
Building on protocol analysis, the system uses techniques such as IP packet fragment reassembly and TCP data stream reconstruction to reduce both missed alerts and false alerts for intrusions.
These systems provide packet and flow analysis and can take response actions on various events, such as dropping malicious or offending traffic.