search youtube arrow-left arrow-right quote close hamburger Twitter facebook linkedin page-header-bottom arrow right arrow left

Author: Ryan Slosser

My name is Ryan. I work in development here at Plixer. I mostly deal with hardware deployment. I enjoy kayaking and fishing during the summer and skiing in the winter. People can count on me and I always give 100% unless I'm donating blood.
Network Operations

Searching NetFlow for a private host behind a NAT router

Posted on - by Ryan Slosser

Inbound traffic that is captured and exported as NetFlow by your NAT router only shows that the destination of the inbound internet traffic is your external IP address. But what if you want to know what private host initiated that traffic? Today, I’d like to go over how Plixer Scrutinizer can report on this traffic and expose the internal address of this traffic.

Read more
Configuration

NetFlow configuration: back to basics

Posted on - by Ryan Slosser

As a conversation is observed by a NetFlow-capable device, metadata about that conversation such as source and destination addresses, source and destination port numbers, and packet sizes are stored in a cache on the device until a timeout is reached, then exported to a NetFlow collector to be used for reporting later. I’d like to talk about the information collected and how long the device will hold that information in the cache.

Read more
Scrutinizer

Plixer Scrutinizer new UI changes

Posted on - by Ryan Slosser

With the newest release of version 19.0.0, I’d like to go over how Plixer Scrutinizer’s UI has changed to make finding data easier. There are a few new ways to accomplish the same tasks in the newest release that differ from the version 18.20 and under. This blog will cover how to accomplish some common workflows in the new UI, and how to navigate to the data you need even faster than before.

Read more
General

How to deploy a Flowpro Virtual Appliance

Posted on - by Ryan Slosser

Today I want to talk about how to deploy a Flowpro Virtual Appliance. With the Flowpro Virtual Appliance, you can get that visibility into network traffic where exporting flow data is not natively available from devices. I want to go through the steps of deploying the Flowpro Virtual Appliance.

Read more

Security Operations

Data Exfiltration over DNS

Posted on - by Ryan Slosser

How many companies out there are monitoring DNS traffic? Are you concerned about data exfiltration over DNS? How many people even know that is possible? These are questions I get to ask customers, and the response I get is the same with everyone. Not very many companies monitor their DNS traffic.

Read more

Network Operations

NetFlow Collector IPv6 Support

Posted on - by Ryan Slosser

With the exhaustion of IPv4 addresses, the need to switch to IPv6 is inevitable and has been for many years. As your company makes the switch to IPv6, don’t forget NetFlow collector’s IPv6 support. I’m not only talking about the ability of your NetFlow collector to report on IPv6 conversations, but also the ability to collect NetFlow sent in IPv6 packets.

Read more

Security Operations

Detecting Tor Traffic

Posted on - by Ryan Slosser

Detecting TOR traffic will help identify possible infections on your network. It keeps the eyes of your network team open to different types of malware that utilize Tor for disguising its intent end location. Tor not only encrypts its traffic, but also disguises its traffic as HTTPS communications thus making NetFlow/IPFIX a valuable asset in setting this traffic apart from normal HTTPS traffic that we all know is on the network.

Read more

Download the new Gartner Network Detection and Response Market Guide
+