Hi ! I am using ntop *v.3.3.6 Fedora RPM [i686-redhat-linux-gnu]* on a fedora 8 system. It is fine.
ntop is showing on "Summary/Traffic" page, in "Global TCP/UDP Protocol Distribution" section, in "Other TCP/UDP-based Protocols" a very high traffic. The next entry in table, "Accumulated View", is showing "Other" is responsible for more than 70% all traffic. The question is how to know more about this traffic ? What is it ? What ports/protocols are responsible for this traffic ? I guess it is coming from programs using ports> 1024 and not well known port number, so ntop don't known how to sort/rank this traffic and just use the generic "Other TCP/UDP-based Protocols", but it does not show what ports are. Is there a way to get this kind of information from ntop ? The table "TCP/UDP Traffic Port Distribution: Last Minute View" does not show this information either because it happens only in the early hours of day (1:00am to 5:00am). It is a busy server, running a lot of services and it is not easy to isolate a particular service/port, and maybe this "Other TCP/UDP-based Protocols" is a set of 3, 6 or more services. How to get more detail about "Other TCP/UDP-based Protocols" ? thanks in advanced for any comments and hints ! _________________________________________________________________ Connect to the next generation of MSN Messenger http://imagine-msn.com/messenger/launch80/default.aspx?locale=en-us&source=wlmailtagline _______________________________________________ Ntop mailing list Ntop@unipi.it http://listgateway.unipi.it/mailman/listinfo/ntop