Security analysis tool Trisul 2.3 released
Trisul is a new kind of network monitor that supplements fine grained traffic metering with flows, packets, and alerts. You can carry out any kind of network and security analysis.
Trisul is designed from the ground up to meter your network traffic. Not just simple host or application bandwidth usage but over 100 parameters across all network layers.
For each host seen Trisul meters 12 items such as Total, In, Out, Established Connections, Connection attempts, alerts as attacker, as victim, TCP stats, internal vs external transfers, among others. Similarly you get dozens of stats by MAC layer, by Country / ASN, per VLAN, at Layer 2, at Layer 3, IPv6, internal & external hosts.
Release 2.3 introduces a cool new addition to the real time alert visualization. You can now rotate (pivot) the view on parameters other than the alert signature. You can view by source / destination IP/ port/ priority/ etc.
Another new feature is the large PCAP dump import tool, which allows you to read in entire directories of PCAPs using the browser. Overall performance and bug fixes rounds off this release.