I am at the point that most of my "unknown' traffic is Microsoft Exchange ( either between Exchange Servers or between Outlook & the Exchange Servers ). Has anyone come up with a way to classify this traffic?
The only thing I have been able to come up with is a combination of a "last gasp" nDPI plugin ( I.E. after all other attempts to classify the traffic have failed ), and additional values in the ntopng.conf file, where you define the Exchange Servers in the ntopng config file, and in the plugin if the traffic is to or from an Exchange Server and both the Source & Destination Ports are > 1024 classify the Traffic as Exchange. Tim Bernhardson Technical Services Manager Sun-Maid Growers of California 7273 Murray Drive, Ste 18 Stockton, CA 95210 Direct Telephone: 1-209-472-8547 Facsimile: 1-209-482-8448 E-Mail: [email protected]<mailto:[email protected]> Web: www.sunmaid.com<http://www.sunmaid.com>
_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
