North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: identifying application type of network traffic

  • From: Cheung, Rick
  • Date: Thu Dec 16 15:58:29 2004
Title: RE: identifying application type of network traffic

        I believe NBAR stats are accessible via SNMP, so you can use MRTG to graph application utilization.

http://vermeer.org/display_doc.php?doc_id=6



___________________________________________________________________

Thanks,
Rick Cheung


-----Original Message-----
From: [email protected] [mailto:[email protected]]On Behalf Of
Adam Atkinson
Sent: Thursday, December 16, 2004 11:17 AM
To: NANGO
Subject: RE: identifying application type of network traffic



> Currently, I use (protocol, port_number) as indicator
> of application. Referring to rfc on wellknown protocol
> and port allocation, I can only identity about 50% of
> traffic type.
>
> Is there a complete  (protocol, port_number) list ? or
> is there a better way to identify application type
> based on netflow data?

Cisco's "Network Based Application Recognition" can recognise quite
a few things, particularly a fair few p2p applications. It looks
at the actual contents of packets, not just the port numbers.

This message, including any attachments, contains confidential information intended for a specific
individual and purpose and is protected by law. If you are not the intended recipient, please contact
sender immediately by reply e-mail and destroy all copies.
You are hereby notified that any disclosure, copying, or distribution of this message, or the taking
of any action based on it, is strictly prohibited.

WARNING: Computer viruses can be transmitted via email. The recipient should check this email
and any attachments for the presence of viruses. The sender accepts no liability for any damage
caused by any virus transmitted by this email. E-mail transmission cannot be guaranteed
to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive
late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors
or omissions in the contents of this message, which arise as a result of e-mail transmission.