Are there any Linux tools to identify and report network traffic at the application layer (sort of an application-layer protocol sniffer)? Layer 2-to-4 sniffers are next to useless at identifying apps that do not use fixed and documented ports. Examples: Peer-to-peer apps or apps utilizing well known ports defined for other apps like non-http traffic to tcp/80, or non-ftp traffic to tcp/21, etc... _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
