Tuesday, May 18, 2021

Tying network activity to processes.

We have some 'interesting' traffic hitting our honeypot. It's extremely infrequent (and probably benign). I normally have no issue manually pinning network activity to a process ID, but this traffic is set up and torn down as fast as it can be. What programs or methods do others use to handle these scenarios? Overlooking the fact that it's probably benign, I need to be thinking about the future and my ability to track these things down.
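One way to do the pinning without a third-party tool, as an added Python example that is not part of the original post and assumes the honeypot is a Linux host: read /proc/net/tcp, pull the socket inode from each row, and match it against the socket:[inode] links under /proc/<pid>/fd, which is the same lookup `ss -p` performs. The /proc/net/tcp table and the fd link list below are constructed samples so the code runs offline; read_fd_links_live() does the real walk.

```python
import os
import re
from socket import inet_ntoa
from struct import pack

# Socket states as encoded in the "st" column of /proc/net/tcp.
TCP_STATES = {"01": "ESTABLISHED", "02": "SYN_SENT", "03": "SYN_RECV", "04": "FIN_WAIT1",
              "05": "FIN_WAIT2", "06": "TIME_WAIT", "07": "CLOSE", "08": "CLOSE_WAIT",
              "09": "LAST_ACK", "0A": "LISTEN", "0B": "CLOSING"}
# Constructed sample: one established connection on 127.0.0.1:8080, socket inode 12345.
SAMPLE_PROC_NET_TCP = (
    "  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode\n"
    "   0: 0100007F:1F90 0302A8C0:D43A 01 00000000:00000000 00:00000000 00000000  1000        0 12345 1 0000000000000000 20 4 30 10 -1\n"
)
# Constructed stand-in for the readlink() targets under /proc/<pid>/fd: pid 4321 holds inode 12345.
SAMPLE_FD_LINKS = {4321: ["/dev/null", "socket:[12345]"], 99: ["socket:[777]"]}

def _hex_addr(field):
    """Decode the little-endian hex 'AABBCCDD:PPPP' form /proc/net/tcp uses for IPv4."""
    addr_hex, port_hex = field.split(":")
    return inet_ntoa(pack("<L", int(addr_hex, 16))), int(port_hex, 16)

def parse_proc_net_tcp(text):
    """Return one dict per socket row of /proc/net/tcp text (header line skipped)."""
    rows = []
    for line in text.splitlines()[1:]:
        f = line.split()
        if len(f) >= 10:  # column 9 is the socket inode
            rows.append({"local": _hex_addr(f[1]), "remote": _hex_addr(f[2]),
                         "state": TCP_STATES.get(f[3], f[3]), "inode": int(f[9])})
    return rows

def map_inodes_to_pids(fd_links):
    """fd_links: {pid: [fd link targets]} -> {socket inode: pid}; non-socket fds are ignored."""
    return {int(m.group(1)): pid for pid, targets in fd_links.items()
            for t in targets for m in [re.fullmatch(r"socket:\[(\d+)\]", t)] if m}

def read_fd_links_live():
    """Walk /proc/<pid>/fd on a live Linux host (run as root to see every user's processes)."""
    links = {}
    for pid in filter(str.isdigit, os.listdir("/proc")):
        try:
            links[int(pid)] = [os.readlink(f"/proc/{pid}/fd/{fd}") for fd in os.listdir(f"/proc/{pid}/fd")]
        except OSError:
            continue  # process exited mid-walk, or its fd table is not readable
    return links

def attribute(rows, inode_to_pid):
    """Attach the owning pid to each row; None means no process holds the socket (e.g. TIME_WAIT)."""
    return [dict(r, pid=inode_to_pid.get(r["inode"])) for r in rows]
```

Because this is a point-in-time snapshot, a connection torn down between two polls is invisible to it; for flows that short, a kernel-side event source (auditd's socket/connect syscall rules, or eBPF tracing of connect/accept) records the pid at the moment the socket is created instead.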


