A new article on deeper analysis of network packets, is now available on IBM developerWorks:
Whether you are monitoring your network to identify performance issues, debugging an application, or have found an application on your network that you do not recognize, occasionally you need to look deep into the protocols being used on your UNIX® network to understand what they are doing. Some protocols are easy to identify and understand, even when used on non-standard ports. Others need more investigation to understand what they are doing and what information they are exchanging. In this article, we will take a look at techniques for performing detailed analysis of the protocols in use on your UNIX network.
The piece specifically looks at ways of extracting more detailed information from the raw data you see on your network. Read Deep-protocol analysis of UNIX networks