Ever since Mitch Master Mitch has become a celebrity, he has been receiving more and more fan mail.  Most of it is electronic.  Unfortunately, this includes more potential viruses and social networking threats.  A few weeks ago he received this message from what he thought was Facebook.  The subject read “Join your friends on Facebook”.

Mitch says to me, “Who is Paul Harris?  He sent me an invite in 2007, I wasn’t even using Facebook back in 2007.”

NetFlow for Facebook Analysis

Luckily, the Mix Master is more than just a clever IT hip hop artist.  He wasn’t easily fooled by a supposed innocent friend request and deleted the invite.  However, if he had opened it the results may have been disastrous.  What if it contained a virus and ended up forwarding itself to all of Mitch’s fans via his Microsoft Outlook?  How would we know who the email went to?  Easy, we’d use Mailinizer  Mail Log Analyzer .

Below is just an example of the sort of filters you can run on the Microsoft Exchange Logs exported by Mailinizer using IPFIX data grams.  IPFIX is the proposed standard for NetFlow.

Mail Log Analyzer

If necessary, I could have filtered on Mitch’s email address and the subject “Join your friends on Facebook”.  The report would have displayed everyone the email went to.  If in fact we had a problem, I ‘d know where else to look.

Now that you know his email address, feel free to contact Mitch to evaluate Mailinizer.  Make sure you ask him to also show you how to use NetFlow reporting to investigate who is visiting facebook.com the most.

September 2013 Update on Monitoring Facebook Traffic: Cisco AVC is the best way today to monitor Facebook.com traffic.

Mike Patterson author pic

Michael

Michael is one of the Co-founders and the former product manager for Scrutinizer. He enjoys many outdoor winter sports and often takes videos when he is snowmobiling, ice fishing or sledding with his kids. Cold weather and lots of snow make the best winters as far as he is concerned. Prior to starting Somix and Plixer, Mike worked in technical support at Cabletron Systems, acquired his Novell CNE and then moved to the training department for a few years. While in training he finished his Masters in Computer Information Systems from Southern New Hampshire University and then left technical training to pursue a new skill set in Professional Services. In 1998 he left the 'Tron' to start Somix which later became Plixer.

Related

Big Data

Sankey Flow Graph

One of the greatest benefits of NetFlow collection for traffic analysis, is we’re provided with the ability to visualize the…

Leave a Reply