User Tools

Site Tools


articles

Articles

Articles about network security monitoring, traffic analytics, setting up measurement, techniques for scaling, threat hunting tips, etc.

Hardware and Data Acquisition

Docker

NSM and Packet Analytics Concepts

Scripting

TLS Fingerprinting

Intrusion Detection

Offline analysis with the WRCCDC PCAP dump

In this three part series, we explain techniques and show how to analyze the 2018 WRCCDC PCAP dump using TrisulNSM. We appreciate the kind folks at WRCCDC for making this publicly accessible.

Part 1: Strategy to analyze large PCAP dumps without getting overwhelmed

Part 2: How to use the free TrisulNSM Docker image to process the PCAPs

Part 3: Screenshots and vids showing some of the results and techniques

Netflow analytics

Administration Tips

articles.txt · Last modified: 2018/10/16 06:13 by dhinesh