In order to analyze network traffic, check the destination port number using the network monitoring tool that identified...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
the spikes. In many cases, this will tell you the type of TCP and UDP traffic you're seeing. For example, traffic on port 80 is normally HTTP traffic, while traffic on port 443 is normally HTTPS traffic. You can consult the Port Database if you encounter a port you don't recognize.
If that doesn't do the trick, you'll need to sniff the network traffic to identify it. You can do this by connecting a computer running a packet sniffer to your network and leaving it running during one of the spikes. My favorite tool for this job is Wireshark. For more information on using Wireshark, see my tutorial: How to sniff network traffic.
For more information:
Dig Deeper on Monitoring Network Traffic and Network Forensics
Related Q&A from Mike Chapple
Are nonprofit organizations, like higher education institutions, subject to FTC cybersecurity regulations and oversight? Expert Mike Chapple explains.continue reading
It's important for healthcare organizations to have a clear social media policy. Expert Mike Chapple explains what needs to be in the policy to stay ...continue reading
SOC 2 evaluations can be helpful tools for organizations assessing their HIPAA compliance, but companies should not solely rely on them. Compliance ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.