Whats the best way to identify network behavior?? Behavior of the ports/interfaces and routers? I can get data and analyse the traffic but trying to search for a pattern for a meaningful classification. Any help appreciated.

WireShark is a great tool, too.

Features are similar to other, but one is the exporting to CSV. You could then import the CSV into Excel and run some analysis there.


Try Fiddler.


I would say Ethereal is the best tool out there.


It was some time since I used it, but by what I remember you could choose a number of filters and features like that which made it very clear what was going on.

