Hi list, I use ntop from svn under debian 7. I mirror the firewall port on the switch, I get the traffic, etc.
I would to see the windows RDP traffic (WBT, tcp/3389) and I don't see anything under ip traffic summary view. Strange thing : for the server (or another host) I see an amount of traffic of ~100 Mo, but those 100 Mo aren't classified by protocol or in the column unknown, I see only few bytes under DNS or RTP. I try to start ntop with -p="RDP=3389", no result. I see this rdp traffic with tcpdump. I try also the ntop from the debian repository (version 4.99) and modify /etc/ntop/protocol.list, no way. Could someone help me how debug that ? Thanks ! -- -- Pierre
_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
