Chapter 10. Real-World Analysis

No doubt you've had your fill of healthy, low-fat theory on packet dissection and header fields. How about bringing on some of the more interesting, tasty, real-world traffic? That is what we are about to embark on in this chapter. For you to understand the analysis that will be shown here, it was necessary to lay the groundwork in previous chapters first.

To refresh your memory of the intent of this section, we want to analyze traffic from many different viewpoints. We’ve evolved from bits and fields in previous chapters to inspecting one or more packets for their intent and explaining some actual events of interest ...
