[Snort-users] catching traffic spikes

Richard Chmura rchmura at ...5839...
Sat Jan 25 22:44:03 EST 2003


This is totally unrelated to the recent MS-SQL worm :-)

I've been trying to figure out the nature of the seemingly random traffic 
spikes on my mrtg graph.  I put some snort rules in place but I was unable 
to filter to figure out more about these spikes.
The graph is at: http://members.rogers.com/rchmura/eth0sar-week.png  You 
can see the spikes on the green (IN) and blue(OUT) values.  The orange line 
it's just (green / blue)





More information about the Snort-users mailing list