I would like to get a log file that contains Denial of Service (DoS) attack events from Wireshark. May I know how I get it using Wireshark?
asked 11 Apr '12, 01:42
Wireshark is not the best tool for this purpose. First of all, its memory footprint will increase over time, so for long-term monitoring, you need something else. Second of all, Wireshark will fully dissect each packet, which is overkill for DoS detection. You need a fast pattern matching engine for that.
Have a look at Snort instead...
answered 11 Apr '12, 17:20
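To illustrate the answer's point that DoS detection needs only cheap header matching rather than full dissection, here is an added example (not part of the original answer and not Snort's code): a sliding-window SYN-rate detector that reads a few fixed header offsets and emits a log line per flood. The window, the threshold, the function names and the sample frames are assumptions constructed for the illustration.

```python
import struct
from collections import defaultdict, deque

def syn_target(frame):
    """Return (dst_ip, dst_port) for an IPv4/TCP bare SYN, else None.
    Reads fixed header offsets only; no payload or protocol dissection."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":    # EtherType IPv4
        return None
    ihl = (frame[14] & 0x0F) * 4                          # IP header length
    frag = struct.unpack("!H", frame[20:22])[0] & 0x1FFF  # fragment offset
    if frame[23] != 6 or frag or len(frame) < 14 + ihl + 14:
        return None                                       # not TCP / no TCP header
    tcp = 14 + ihl
    if frame[tcp + 13] & 0x12 != 0x02:                    # SYN set, ACK clear
        return None
    dst_ip = ".".join(str(b) for b in frame[30:34])
    return dst_ip, struct.unpack("!H", frame[tcp + 2:tcp + 4])[0]

def detect(packets, window=1.0, threshold=100):
    """packets: iterable of (timestamp, raw_frame). Returns alert log lines.
    window and threshold are assumed values, to be tuned per network."""
    recent, alerting, log = defaultdict(deque), set(), []
    for ts, frame in packets:
        target = syn_target(frame)
        if target is None:
            continue
        q = recent[target]
        q.append(ts)
        while q and ts - q[0] > window:                   # expire old SYNs
            q.popleft()
        if len(q) > threshold and target not in alerting:
            alerting.add(target)                          # one line per flood
            log.append(f"{ts:.3f} possible SYN flood dst={target[0]}:{target[1]} "
                       f"({len(q)} SYNs in {window}s)")
        elif len(q) <= threshold:
            alerting.discard(target)                      # rate dropped, re-arm
    return log

def make_frame(src, dst, dport, flags):
    """Constructed sample frame: Ethernet + IPv4 + TCP, checksums left zero."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    tcp = struct.pack("!HHIIBBHHH", 40000, dport, 0, 0, 0x50, flags, 1024, 0, 0)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

if __name__ == "__main__":
    syn = make_frame("198.51.100.7", "192.0.2.10", 80, 0x02)
    for line in detect((i / 1000, syn) for i in range(150)):
        print(line)
```
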