1. Intro
2. Jason Smith
3. Applied Network Security Monitoring
4. Not on the Agenda
5. Full PCAP vs. Flow Data
6. Building Flow Records
7. Generating Flow Data
8. Collecting Flow Data
9. Flow Data Tool Comparisons
10. SILK and FlowBAT
11. SILK Collection Architecture
12. Getting Started with Flows
13. SILK - Install
14. SILK Analysis - PCAP Conversion
15. SILK Analysis - Output Examples
16. FlowBAT - Install
17. FlowBAT Analysis - Filtering
18. FlowBAT Analysis - Stats
19. FlowBAT Analysis - Non-Standard Ports: Discovering outbound data to applications using nonstandard ports
20. Identifying Services
21. Analyzing PCAP Files: PCAPs need to exist on the FlowBAT server
22. Network Flow Automation
23. Flow Plotter
24. Conclusion
Description:
Explore network situational awareness using flow data in this comprehensive conference talk from BSides Augusta 2016. Dive into the comparison between full PCAP and flow data, learning how to build, generate, and collect flow records. Discover various flow data tools, with a focus on SILK and FlowBAT. Follow along with installation processes and practical analysis techniques for both tools. Gain insights into identifying services, analyzing PCAP files, and implementing network flow automation. Conclude with an introduction to Flow Plotter and its applications in enhancing network security monitoring.

Network Situational Awareness with Flow Data
