How to: Analysing packet captures with Security Onion
This ‘how to’ explains the process of using Security Onion’s tools to analyse a packet capture, then extract and examine a potentially malicious file.
Category:
Tech matters
Whither DANE?
Guest Post: DANE has reached an impasse in web deployment – so where to from here?
Forcing attackers to be 100% right
Guest Post: With some tweaks to how we approach network security, we can tip the balance back in the favour of defenders.
MyNOG 8: The evolution of registry services
Recent years have seen great advances in registry services, improving on the 37-year old whois protocol.
TakNet – A community white space wireless network
Guest Post: Community White Space wireless Networks are helping to connect rural communities in developing economies such as Thailand.
Sub-regional Resource Update: South Asia
An update on trends in resource delegation in South Asia.
Thinking on the edge key to future incident response
Guest Post: CARIS2 drew a diverse set of participants to discuss and workshop ideas for scaling and balancing defence and monitoring capabilities.
DDoS tsunami: A Cambodian case study
Last year’s DDoS attacks on Cambodia’s ISPs have been a wake up call to the industry.
Real-time detection of DNS exfiltration
Guest post: New real-time DNS exfiltration detection approach has 98% accuracy in high-speed enterprise networks.
PacNOG 24: Trust, rumours and routing security
Staying out of news headlines should be motivation enough to secure Internet routing. So why do we continue to hear about Internet routing leaks and hijacks?