I'm trying to get the following metrics from my tcpdump log file:
(1) one-way delay, (2) request/response delay, (3) packet loss, (4) overall transaction duration and (5) delay variation (jitter).
For clarification: transaction duration refers to the time it takes to complete one action: fetching a web page, sending an email or downloading a file through FTP (however, in the case of FTP it refers to the downloading of one single file, not the entire session).
While 1, 2, 3 and 5 seem relatively easy to script, I'm a bit stuck on getting 4 in a somewhat automated way.
The protocols involved: TCP, UDP, DNS, ICMP, FTP, Mail (SMTP). I'm trying to make a DDoS impact analysis as described in this paper.
The question is two-fold:
1) Are there existing scripts/tools that do the above? (time saver)
2) What would be a good approach for 4?