There are times when we adults would be better off thinking like toddlers. More specifically, I want us all to go back to the days where we asked incessant strings of questions before our tired parents got us to stop. “Why, why, why?” This mindset helps answer the question, “Why analyze network traffic?” The simplest …
Asking the Hard Questions: Why Analyze Network Traffic? Read More »
Although the Cisco ASA NetFlow exports have had some problems in the past, Cisco was the first vendor to export flows from a firewall so a few issues out of the gate are almost expected. Despite a few enigmas, it was still great to have and certainly better than nothing. In order to optimize the …
Network forensics can be an intimidating subject. When IT personnel hear the word “forensics” they often recoil with visions of complicated software such as EnCase. Or they may think about expensive packet capture solutions such as Niksun’s NetDetector product line. While these tools can serve a specific purpose, your first line of network forensics defense …
Network Forensics and Incident Response Using NetFlow and IPFIX Read More »