21 Mar
2022
21 Mar
'22
3:37 p.m.
On 3/21/22 12:56 PM, Jay Hennigan wrote:
If their intent is not to have data available for analysis, and it sure sounds like it is, they aren't going to log flows or netstat. Data will be in RAM during the TCP session, then poof.
I largely agree regarding persistent storage. However, that doesn't preclude netstat / ss / tcpdump and the likes. There has to be /something/ correlating incoming and outgoing /active/ / /ongoing/ connections. I don't see anything speaking to that real-time data in their comments about architecture. -- Grant. . . . unix || die