NetFlow Data: Is there such a thing as too much?
Posted in NetFlow, NetFlow Analyzer, Network Traffic Analysis on March 26th, 2010 by nathanhI love Chinese food. I eat at our local Chinese restaurant probably once every two weeks. As I scan the menu, I always crack up at the kids section of the menu. For here I am, contemplating which Lo Mein deliciousness I want and then my eye catches the word ‘cheeseburger‘.
I always kind of chuckle at that: “Who really orders a cheeseburger at a Chinese joint?!”
But when I think about it, they must have had a reason to post burgers, mac and cheese and hot dogs on the menu…
See, when you get that craving for a Pu Pu platter and a Scorpion bowl, there’s probably a good chance that your kids won’t appreciate your selection. So to appease the children, let’s get them something they will end up eating.
Here’s my point.

Today I will be introducing you to the third of the four new analytic tools now available with Scrutinizer v7.3. The Breach Attempt Violation looks for many small flows from one source to one destination. This can indicate things such as a “brute force” or “dictionary” attack.