In that blog I mentioned discarding high volume flows as a way to avoid those problems, but never explained how to find them. We’ve talked about the general process of speeding that up (see “ Improving Packet Capture Performance“). ![]() It’s easy to have a system where the network interface, processor, or disk can limit how many packets can be processed in a second, leading to packet capture loss. ![]() ![]() One of the most common problems in capturing and analyzing packets is making sure that the capture system can keep up with the flood of traffic.
0 Comments
Leave a Reply. |