[Bro] Packet service time vs connection time
Mike Muratet
mike.muratet at torchtechnologies.com
Tue Sep 14 08:20:04 PDT 2004
Greetings
I am attempting a clustering analysis on packet data collected with tcpdump
using bro. I have used the conn script that comes with the bro distribution
to process interarrival and connection times for connections. Also of
interest are the packet interarrival and service times. Given that there is
a single time stamp for each record, is there a way to calculate a service
time for a packet? I don't think there is (without access to the interface)
but I'm not a network expert and I thought I should check. I have the Paxson
and Floyd paper 'Wide Area Traffic....' but I haven't found any bits about
service time. (Vern, are you out there?)
Regards
Mike
More information about the Bro
mailing list