In this chapter, we will cover the following recipes:

• Discovering unusual traffic patterns
• Discovering MAC-based and ARP-based attacks
• Discovering ICMP and TCP SYN/port scans
• Discovering DoS and DDoS attacks
• Locating smart TCP attacks
• Discovering brute force and application attacks