Jacobson, V., Leres, C., and McCanne S. Tcpdump, June 1989. Available via anonymous FTP from ftp.ee.lbl.gov.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....rather than using machine and processoriented data, such as that from BSM, network based IDSs primarily use data from network traffic in detecting intrusions. The most popular program used to capture network traffic is tcpdump, which can display or store every field belonging to a TCP packet [8]. Different implementations of network based IDSs may serve different functions. For instance, some network based systems may monitor only the traffic activity of a single host, while distributed tools may analyze the aggregate traffic information from a range of devices on the same network. To ....

Jacobson, V., Leres, C., and McCanne S. Tcpdump, June 1989. Available via anonymous FTP from ftp.ee.lbl.gov.

....data presented in this paper. The first set of data used, denoted L, consists of the Apache generated logs of each request made to the server. The second source of data is packet level traces of the web traffic to and from the server, denoted P . The packet level traces were taken with tcpdump [JLM89] on the web server itself. We captured the first 100 bytes of 610,146,959 packets, with tcpdump reporting another 1,799 packets, or roughly 0.003 , dropped by the kernel 1 . We consider this an acceptably low amount of kernel packet loss that we did not attempt to correlate the kernel packet ....

Van Jacobson, Craig Leres, and Steven McCanne. tcpdump, June 1989. Available via anonymous FTP from ftp.ee.lbl.gov.

....data presented in this paper. The first set of data used, denoted L, consists of the Apache generated logs of each request made to the server. The second source of data is packet level traces of the web traffic to and from the server, denoted P . The packet level traces were taken with tcpdump [JLM89] on the web server itself. We captured 610,146,959 packets, with tcpdump reporting another 1,799 packets, or roughly 0.003 , dropped by the kernel 1 . We consider this an acceptably low amount of kernel packet loss that we did not attempt to correlate the kernel packet losses with specific ....

Van Jacobson, Craig Leres, and Steven McCanne. tcpdump, June 1989. Available via anonymous FTP from ftp.ee.lbl.gov.

....we give our conclusions. Audio Music File Formats At present, there are many file formats for storing computer music data, each is designed specifically for a particular system or purpose. It is common to group the different formats into two categories : self describing formats and raw formats [17]. A self describing format is one that incorporates device parameters and encoding into a file header. This means that various settings can be individualized for any file. In a raw format, there is no encoding because the file only contains raw data. A self describing file is more flexible but ....

....notes and patterns. CMF format, on the other hand, is designed for music. It consists of a header block, an instrument block, and a music block, but the music block adheres to the Standard MIDI format, so it is similar to the above MIDI format. Among those formats, only the Amiga s MOD format [17,9] provides a rigid basis for structured music representation. A song (or a MODule in Amiga s term) is always built on three entities : patterns, notes, and samples. A module is a sequence of (not necessarily unique, but a maximum of 128) patterns. A pattern itself is a fixed size array of 64 ....

G. van Rossum, FAQ: Audio File Formats, Available via anonymous ftp from ftp.cwi.nl, March, 1993.

....tracing at all CNSS sites, only the subset of NSFNET nodes shown in Table 2 was used. 2.2 Processing and Interpretation The packet records in the traces we collected were binary records of header fields. To simplify subsequent processing, we translated the records into a format which tcpdump [34] could understand. We then employed tcpdump s powerful command syntax to select only packets that fit certain criteria. While Modes A, B, and D traces were ready for analysis, Mode C traces required further filtration and validation tests. 2.3 Processing Mode C Traces The primary objective of ....

V. Jacobson, C. Leres, and S. McCanne, Tcpdump, June 1989 (available via anonymous FTP from ftp.ee.lbl.gov).

....up connections that use the Point to Point (PPP) protocol [13] Traffic dumps for this study were gathered using a modified Mach kernel running under the NeXTSTEP 1 operating system. This kernel contained an implementation of the BSD Packet Filter [6] and used a modified version of tcpdump [14] to gather statistics. These sessions were generated with the help of a group of nine volunteers spread throughout three countries (Germany, United Kingdom, and the USA) A survey of the volunteers shows that there is a mix of both recreational and professional users. These volunteers modified 1 ....

Van Jacobson, C. Leres, and S. McCanne, "tcpdump," Available via anonymous FTP from ftp.ee.lbl.gov, June 1989.

....applied to an actual trace collected on the NSFNET backbone. The steps are simplified for ease of presentation. In actual practice significant efficiency may be gained by combining and modifying the steps presented here. A working knowledge of Splus is assumed. The current example uses tcpdump [12] to access packet records from the trace, and a series of short programs described below. 1. Using tcpdump, extract packets meeting some desired criteria from the trace. Tcpdump produces output which is similar to the example below (not all output records shown) example tcpdump n tttt q r ....

V. Jacobson, C. Leres, and S. McCanne, Tcpdump, June 1989 (available via anonymous FTP from ftp.ee.lbl.gov).

....NeXTSTEP operating system. The PPP driver implementation supports the Compression Control Protocol (CCP) which allows optional negotiation of a software compression mechanism. Both systems contain a non standard implementation of the BSD Packet Filter (BPF) 13] and a modified version of tcpdump [17]. These two packages are used to gather compression statistics. Custom filters were developed to parse the tcpdump files. The compression mechanisms utilized by the testbed include the popular Van Jacobson TCP Header compression mechanism [9] and a compressor that is based on the LZW scheme used ....

Van Jacobson, C. Leres, and S. McCanne. tcpdump. Available via anonymous FTP from ftp.ee.lbl.gov, June 1989.

No context found.

Jacobson, V., Leres, C., and McCanne S. Tcpdump, June 1989. Available via anonymous FTP from ftp.ee.lbl.gov.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC