The SOF-ELK package is available as a VM and does some amazing things:
https://github.com/philhagen/sof-elk/blob/master/VM_README.md
It was put together for the SANS FOR572 course:
https://www.sans.org/course/advanced-network-forensics-analysis
The ELK stack can scale big if you want it to.
On 2
On 20/09/2017 10:29, Daniel Watson wrote:
> Hi List
>
> I hope somebody here might be able to assist with this small issue I seem to
> be having with a customer's router at present
>
> When setting up remote dial-in users, the first user works fine, but no
> additional users seem to work
>
Hi List
I hope somebody here might be able to assist with this small issue I seem
to be having with a customer's router at present
When setting up remote dial-in users, the first user works fine, but no
additional users seem to work
If I move the user3 to user1 it works, so it's ONLY allowing #1
NTopng isn’t bad but be aware of your underlying hardware when dealing with
traffic volumes above a few Gbit. You’ll need to be conscious of NUMA node
assignment and NIC drivers.
I would suggest you look into PF_RING ZC as well
(http://www.ntop.org/products/packet-capture/pf_ring/pf_ring-zc-zero
pmacct is really great, open source and is actively maintained.
Regards,
Thomas Cuthbert
On Wed, Sep 20, 2017 at 7:48 AM, Dave Browning wrote:
> Hi All,
>
> Just chasing people’s recommendations for a good carrier/ISP grade Netflow
> collector & analyser. Have had a play with ntopng & nprobe
Hi All,
Just chasing people’s recommendations for a good carrier/ISP grade Netflow
collector & analyser. Have had a play with ntopng & nprobe and so far is
looking the goods.
Cheers,
Dave
Dave Browning | Network Engineer
P 1300 791 678
Level 1, 12 Railway Tce, Milton QLD 4064
Thanks Rob, and thanks to everyone else on and off list who’s been in touch –
very much appreciated.
Cheers,
Ben
From: Robert Hudson [mailto:hud...@gmail.com]
Sent: Tuesday, 19 September 2017 5:19 PM
To: Ben Johnston
Subject: Re: [AusNOG] OT: Cabler around Eagle Farm - Brisbane
Call Fast Track
Good morning all,
Due to the number of questions I've had following my talk at this year's
conference, I've gone and written it up here:
https://www.timraphael.com/2017/09/14/modern-network-monitoring-for-the-rest-of-us/
Thank you to everyone that provided feedback for the talk - I'm always kee
This is actually a good point.
We trust in SSL, etc, PKI in general.
This has always been an arms race, this latest Apache “OptionsBleed” for
example. Seriously, who would have guessed a .htaccess typo can cause a memory
leak showing bits and pieces of memory to anyone.
RE: the restaurant an
On 19 Sep. 2017 5:36 pm, "Paul Wilkins" wrote:
"you just have to try your best" goes only as far as the provider's
internal network and systems. There's no provision for protection of the
data plane or services delivered to third parties.
Yes there is, and most of it is around 20 years old c.f
"you just have to try your best" goes only as far as the provider's
internal network and systems. There's no provision for protection of the
data plane or services delivered to third parties.
Kind regards
Paul Wilkins
On 19 September 2017 at 17:25, Eric Pinkerton wrote:
> >The State/Taxpayer h
>The State/Taxpayer has never once picked up the bill for a network security
>incident.
The bill for these things is mostly paid for by the blood, sweat and tears of
those affected. Anyone who has had their identity stolen for example will tell
you just how painful and costly it is.
Regardless
Almost none of the companies featured in the AusNOG community have carrier
licenses.
Most of the Government’s interference in the sector is targeted at Carriage
Service Providers, which are not licensed.
The State/Taxpayer has never once picked up the bill for a network security
incident.