Sorry for a deviating question.
I am wondering if anybody here has worked with some existing network traffic traces and might provide some help.
+ Recently, I went through repositories like NLANR, LBL's and Auckland to get some statistics. Somehow, the Auckland trace is very strange. For example, Bro returns nothing about connection statistics (using the "conn" policy file). I checked again with Ethereal and found that in every connection reported by Ethereal, there's only one flow (the other direction is completely missing: 0 packets, 0 bytes). Another tool returns the same result.
Does anybody here know why?
+ I wonder if there is any mailing list/group dedicated to this topic (something like this list).
Any tip will be very much appreciated.
Thanks and best regards,
Duc