Identifying Operating System Using Flow-based Traffic Fingerprinting
|
|
- Silvia Powers
- 5 years ago
- Views:
Transcription
1 Identifying Operating System Using Flow-based Traffic Fingerprinting Tomáš Jirsík, Pavel Čeleda {jirsik Institute of Computer Science, Masaryk University EUNICE 2014 September, 1. 5., Rennes, France
2 Motivation Increasing number of devices Management of devices Security issues VPN Wireless Access Point Home/Business Networks Datacenters Tomáš Jirsík, Pavel Čeleda Identifying Operating System Using Flow-based Traffic Fingerprinting 3rd September / 10
3 State of the Art Active Approach Higher precision of detection Inserts other traffic Needs to scan each host Passive Approach Lower detection precision Transparency Large-scale network detection Tomáš Jirsík, Pavel Čeleda Identifying Operating System Using Flow-based Traffic Fingerprinting 3rd September / 10
4 Detection Methods L3 - L4: Network and Transport Layer OS TTL SYN packet size TCP window size Windows XP Windows Ubuntu Mac OS X L7: Application Layer OS Browser User-Agent Windows 7 Chrome Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/ (KHTML, like Gecko) Chrome/ Safari/ Ubuntu Firefox Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:29.0) Gecko/ Firefox/29.0 Mac OS X Safari Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/ (KHTML, like Gecko) Version/6.1.1 Safari/ Tomáš Jirsík, Pavel Čeleda Identifying Operating System Using Flow-based Traffic Fingerprinting 3rd September / 10
5 Network Flows Probe SRC and DST IP addr SRC and DST port Protocol number TCP flags Lifetime Sum of bytes Others IPFIX Collector Data analysis Fl ow start Durati on Proto Src I P Addr: Port Dst I P Addr: Port Fl ags Packets Bytes 09: 41: TCP : > : 80. AP. SF : 41: TCP : 80 - > : AP. SF Tomáš Jirsík, Pavel Čeleda Identifying Operating System Using Flow-based Traffic Fingerprinting 3rd September / 10
6 Architecture Design Packet Tomáš Jirsík, Pavel Čeleda Identifying Operating System Using Flow-based Traffic Fingerprinting 3rd September / 10
7 Architecture Design Packet Metering Process Packet observation Tomáš Jirsík, Pavel Čeleda Identifying Operating System Using Flow-based Traffic Fingerprinting 3rd September / 10
8 Architecture Design Packet Metering Process Packet observation Data extraction Tomáš Jirsík, Pavel Čeleda Identifying Operating System Using Flow-based Traffic Fingerprinting 3rd September / 10
9 Architecture Design Packet Metering Process Packet observation Data extraction F = (IPsrc,IPdst,Psrc,Pdst,Proto, Tomáš Jirsík, Pavel Čeleda Identifying Operating System Using Flow-based Traffic Fingerprinting 3rd September / 10
10 Architecture Design Packet Metering Process Packet observation Data extraction F = (IPsrc,IPdst,Psrc,Pdst,Proto,TTL,Size SYN,Size WIN,UA) Tomáš Jirsík, Pavel Čeleda Identifying Operating System Using Flow-based Traffic Fingerprinting 3rd September / 10
11 Architecture Design Packet Metering Process Packet observation Data extraction Information aggregation Flow Cache F = (IPsrc,IPdst,Psrc,Pdst,Proto,TTL,Size SYN,Size WIN,UA) Tomáš Jirsík, Pavel Čeleda Identifying Operating System Using Flow-based Traffic Fingerprinting 3rd September / 10
12 Architecture Design Packet Metering Process Packet observation Data extraction Information aggregation Flow Cache Flow OS Detection F = (IPsrc,IPdst,Psrc,Pdst,Proto,TTL,Size SYN,Size WIN,UA) Tomáš Jirsík, Pavel Čeleda Identifying Operating System Using Flow-based Traffic Fingerprinting 3rd September / 10
13 Architecture Design Packet Metering Process Packet observation Data extraction Exporting Process Flow export OS included Flow export Information aggregation Flow Cache Flow OS Detection F = (IPsrc,IPdst,Psrc,Pdst,Proto,TTL,Size SYN,Size WIN,UA) Tomáš Jirsík, Pavel Čeleda Identifying Operating System Using Flow-based Traffic Fingerprinting 3rd September / 10
14 Architecture Design Packet Metering Process Packet observation Data extraction Exporting Process Flow export OS included Flow export Information aggregation Flow Cache Flow OS Detection F = (IPsrc,IPdst,Psrc,Pdst,Proto,TTL,Size SYN,Size WIN,UA) Tomáš Jirsík, Pavel Čeleda Identifying Operating System Using Flow-based Traffic Fingerprinting 3rd September / 10
15 Benchmark Sample 1 No modules HTTP module All modules Random network traffic Sample 2 No modules HTTP module All modules UDP:HTTPreq:SYN packets = 1:1: Sample 3 No modules HTTP module All modules UDP:HTTPreq:SYN packets = 2:1: Packets per second Tomáš Jirsík, Pavel Čeleda Identifying Operating System Using Flow-based Traffic Fingerprinting 3rd September / 10
16 Deployment Data set: 2 hours of traffic, M flows, hosts # of unique OS # of IP in A % of all A # of IP in B % of all B > Total % % Number of unique OS detected at one IP: A - whole network, B - dynamically addressed subnets removed Tomáš Jirsík, Pavel Čeleda Identifying Operating System Using Flow-based Traffic Fingerprinting 3rd September / 10
17 Summary Large scale detection Flow based OS detection framework High performance Future Work Deep analysis of User-Agents Fingerprint correlation Fingerprint database improvement Tomáš Jirsík, Pavel Čeleda Identifying Operating System Using Flow-based Traffic Fingerprinting 3rd September / 10
18 Thank you for your attention! Tomáš Jirsík, Pavel Čeleda {jirsik
Enhancing Network Security: Host Trustworthiness Estimation
Enhancing Network Security: Host Trustworthiness Estimation Tomáš Jirsík, Pavel Čeleda {jirsik celeda}@ics.muni.cz Institute of Computer Science, Masaryk University Goal 25,739% Tomáš Jirsík, Pavel Čeleda
More informationDesign and Evaluation of HTTP Protocol Parsers for IPFIX Measurement
Design and Evaluation of HTTP Protocol Parsers for IPFIX Measurement Petr Velan, Tomáš Jirsík, Pavel Čeleda {velan jirsik celeda}@ics.muni.cz 19th EUNICE Workshop on Advances in Communication Networking
More informationDetection of DNS Traffic Anomalies in Large Networks
Detection of Traffic Anomalies in Large Networks Milan Čermák, Pavel Čeleda, Jan Vykopal {cermak celeda vykopal}@ics.muni.cz 20th Eunice Open European Summer School and Conference 2014 1-5 September 2014,
More informationLarge-Scale Geolocation for NetFlow
Large-Scale Geolocation for NetFlow Pavel Čeleda, Petr Velan, Martin Rábek Rick Hofstede, Aiko Pras {celeda velan xrabek1}@ics.muni.cz, {r.j.hofstede a.pras}@utwente.nl IFIP/IEEE IM 2013, 27-31 May 2013,
More informationUA-Tester.... or why Web-Application Penetration Testers are only getting half the story
UA-Tester... or why Web-Application Penetration Testers are only getting half the story UA-Tester... or why Web-Application Penetration Testers are only getting half the story... or time to PIMP your tool!
More informationNETWORK TRAFFIC CHARACTERISATION USING FLOW-BASED STATISTICS
NETWORK TRAFFIC CHARACTERISATION USING FLOW-BASED STATISTICS Wednesday 27 th April, 2016 Petr Velan Jana Medková, Tomáš Jirsík, Pavel Čeleda Introduction We need to be able to describe the network traffic.
More informationWhite Paper: Next-Gen Network Traffic Analysis (NTA): Log-based NTA vs. Packet-based NTA
White Paper: Next-Gen Network Traffic Analysis (NTA) Log-based NTA vs. Packet-based NTA ALEX VAYSTIKH, SecBI CTO & Co-Founder February 2018 Executive Summary Network Traffic Analysis (NTA) is a critical
More informationHardware-Accelerated Flexible Flow Measurement
Hardware-Accelerated Flexible Flow Measurement Pavel Čeleda celeda@liberouter.org Martin Žádník zadnik@liberouter.org Lukáš Solanka solanka@liberouter.org Part I Introduction and Related Work Čeleda, Žádník,
More informationMuhammad Farooq-i-Azam CHASE-2006 Lahore
Muhammad Farooq-i-Azam CHASE-2006 Lahore Overview Theory Existing Sniffers in action Switched Environment ARP Protocol and Exploitation Develop it yourself 2 Network Traffic Computers and network devices
More informationCAMNEP: Multistage Collective Network Behavior Analysis System with Hardware Accelerated NetFlow Probes
CAMNEP: Multistage Collective Network Behavior Analysis System with Hardware Accelerated NetFlow Probes Martin Rehak, Pavel Celeda, Michal Pechoucek, Jiri Novotny CESNET, z. s. p. o. Gerstner Laboratory
More informationplixer Scrutinizer Competitor Worksheet Visualization of Network Health Unauthorized application deployments Detect DNS communication tunnels
Scrutinizer Competitor Worksheet Scrutinizer Malware Incident Response Scrutinizer is a massively scalable, distributed flow collection system that provides a single interface for all traffic related to
More informationExperiences with IPFIX-based Traffic Measurement for IPv6 Networks. Nakjung Choi, Hyeongu Son*, Youngseok Lee* and Yanghee Choi
Experiences with IPFIX-based Traffic Measurement for IPv6 Networks Nakjung Choi, Hyeongu Son*, Youngseok Lee* and Yanghee Choi Seoul National Univ *Chungnam National Univ 27. 8. 31 (Fri) SIGCOMM 27 IPv6
More informationCS 455/555 Spring 2011 Weigle
Homework 2 Application-Level Protocols Assigned: Tuesday, February 1, 2011 Due: Tuesday, February 15, 2011 at the beginning of class CS 455 100 points CS 555 112 points Note: All homework assignments must
More informationMonitoring and diagnostics of data infrastructure problems in power engineering. Jaroslav Stusak, Sales Director CEE, Flowmon Networks
Monitoring and diagnostics of data infrastructure problems in power engineering Jaroslav Stusak, Sales Director CEE, Flowmon Networks 35,000 kilometers of electric power, which feeds around 740,000 clients...
More informationProxy VPN. Network Forensics. Adv Security and. Eve. Bob. Alice SIEM. Author: Prof Bill Buchanan
Adv Security and Network Forensics Proxy VPN Eve Bob Alice Author: Prof Bill Buchanan Big Data Four Vs of Big Data V- Velocity [Speed of data generation] V- Variety [Different forms of data] V- Veracity
More informationClear Cache Guide Click here for Windows guide Click here for Mac OS guide
Velocity@ocbc Clear Cache Guide Click here for Windows guide Click here for Mac OS guide Version 1.0 1 of 18 Step 1: Check your browser version 1. Type www.whatismybrowser.com at the address bar and press
More informationDetect Users Browser Capabilities with PHP
Detect Users Browser Capabilities with PHP In today's internet of JavaScript rich UI, it's sometimes very important to know the browser/platform user is using for browsing your site so that you can change
More informationHomework 2 50 points. CSE422 Computer Networking Spring 2018
Homework 2 50 points ATM Application-Level Protocol (10 points) Design and describe an application-level protocol to be used between an automatic teller machine and a bank s centralized computer. Your
More informationEDA095 HTTP. Pierre Nugues. March 30, Lund University
EDA095 HTTP Pierre Nugues Lund University http://cs.lth.se/pierre_nugues/ March 30, 2017 Covers: Chapter 6, Java Network Programming, 4 rd ed., Elliotte Rusty Harold Pierre Nugues EDA095 HTTP March 30,
More informationThe realtime web: HTTP/1.1 to WebSocket, SPDY and beyond. Guillermo QCon. November 2012.
The realtime web: HTTP/1.1 to WebSocket, SPDY and beyond Guillermo Rauch @ QCon. November 2012. Guillermo. CTO and co-founder at LearnBoost. Creator of socket.io and engine.io. @rauchg on twitter http://devthought.com
More informationSystem Requirements. Things to Consider Before You Install Foglight NMS. Host Server Hardware and Software System Requirements
System Requirements This section contains information on the minimum system requirements for Foglight NMS. Before you can begin to download Foglight NMS, you must make sure that your computer meets the
More informationBrowser Checklist. Objective. Content. 1) Zurich recommended browser
Browser Checklist Objective To ensure that agents have the fastest and best experience of Zurich einsurance portal. By checking that agents have the best browser on the computers. By creating a shortcut
More informationSirindhorn International Institute of Technology Thammasat University
1 Name...ID....Section. Seat No.. Sirindhorn International Institute of Technology Thammasat University Midterm Examination: Semester 2/2007 Course Title : ITS 332 Information Technology II Lab (Networking)
More informationCSE 333 Lecture HTTP
CSE 333 Lecture 19 -- HTTP Hal Perkins Department of Computer Science & Engineering University of Washington Administrivia Server-side programming exercise due Wed. morning HW4 due a week later - How s
More informationJersey City Free Public Library WIFI Hotspot
1. Windows 2000, XP, 7 and Vista Users: a. Select the wireless icon in the system tray. or or or b. Select the SSID of the library you are currently located: JCPL- c. Launch a web browser (Internet Explorer,
More informationTECHNICAL NOTE CLEARPASS PROFILING QUICK START GUIDE
TECHNICAL NOTE CLEARPASS PROFILING QUICK START GUIDE REVISION HISTORY Revised By Date Changes Dennis Boas Aug 2016 Version 1 initial release 1344 CROSSMAN AVE SUNNYVALE, CA 94089 1.866.55.ARUBA T: 1.408.227.4500
More informationE-statement Settings Guide
E-statement Settings Guide Contents Windows PC... 3 Google Chrome... 3 Internet Explorer... 7 Mozilla Firefox... 10 Apple Macintosh... 14 Safari for Mac... 14 Apple ios (iphone/ipad)... 21 Safari for ios
More informationLayered Networking and Port Scanning
Layered Networking and Port Scanning David Malone 22nd June 2004 1 IP Header IP a way to phrase information so it gets from one computer to another. IPv4 Header: Version Head Len ToS Total Length 4 bit
More informationAdobe Flash Player Manual Firefox Windows 7 64 Bit Chrome
Adobe Flash Player Manual Firefox Windows 7 64 Bit Chrome I am using Firefox 31 and Flash 14.0.0.179 (32 bit) running under Windows 7 Pro. I also have the 64 bit version installed for use with internet
More informationApplications & Application-Layer Protocols: The Web & HTTP
CS 312 Internet Concepts Applications & Application-Layer Protocols: The Web & HTTP Dr. Michele Weigle Department of Computer Science Old Dominion University mweigle@cs.odu.edu http://www.cs.odu.edu/~mweigle/cs312-f11/
More informationIntroduction to Netflow
Introduction to Netflow Campus Network Design & Operations Workshop These materials are licensed under the Creative Commons Attribution-NonCommercial 4.0 International license (http://creativecommons.org/licenses/by-nc/4.0/)
More informationThe Security Impact of HTTPS Interception
The Security Impact of HTTPS Interception Zakir Durumeric, Zane Ma, Drew Springall, Richard Barnes, Nick Sullivan, Elie Bursztein, Michael Bailey, J. Alex Halderman, Vern Paxson University of Michigan,
More informationMcAfee Network Security Platform 9.2
McAfee Network Security Platform 9.2 (9.2.7.22-9.2.7.20 Manager-Virtual IPS Release Notes) Contents About this release New features Enhancements Resolved issues Installation instructions Known issues Product
More informationYAF A Case Study in Flow Meter Design
YAF A Case Study in Flow Meter Design presented at FloCon 2008 - Savannah, Georgia Brian Trammell Technical Lead, Engineering CERT Network Situational Awareness YAF Open-source, IPFIX-compliant bidirectional
More informationNetwork Management and Monitoring
Network Management and Monitoring Introduction to Netflow These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0 Unported license (http://creativecommons.org/licenses/by-nc/3.0/)
More informationBuilding an IPS solution for inline usage during Red Teaming
Building an IPS solution for inline usage during Red Teaming Repurposing defensive technologies for offensive Red Team operations K. Mladenov A. Zismer {kmladenov,azismer}@os3.nl Master Students in System
More informationTesting your TLS version
Testing your TLS version If you are not able to access Progressive Leasing websites, you may need to upgrade your web browser or adjust your settings. In order to test your TLS version to see if it is
More informationFlow Measurement. For IT, Security and IoT/ICS. Pavel Minařík, Chief Technology Officer EMITEC, Swiss Test and Measurement Day 20 th April 2018
Flow Measurement For IT, Security and IoT/ICS Pavel Minařík, Chief Technology Officer EMITEC, Swiss Test and Measurement Day 20 th April 2018 What is Flow Data? Modern method for network monitoring flow
More informationA Robust Classifier for Passive TCP/IP Fingerprinting
A Robust Classifier for Passive TCP/IP Fingerprinting Rob Beverly MIT CSAIL rbeverly@csail.mit.edu April 20, 2004 PAM 2004 Typeset by FoilTEX Outline A Robust Classifier for Passive TCP/IP Fingerprinting
More informationPerceptive DataTransfer
Perceptive DataTransfer System Overview Guide Version: 6.5.x Written by: Product Knowledge, R&D Date: May 2017 2017 Lexmark. All rights reserved. Lexmark is a trademark of Lexmark International, Inc.,
More informationCovert channel detection using flow-data
Covert channel detection using flow-data Guido Pineda Reyes MSc. Systems and Networking Engineering University of Amsterdam July 3, 2014 Guido Pineda Reyes (UvA) Covert channel detection using flow-data
More informationQuickBooks Online Student Guide. QuickBooks Online Education Introduction
QuickBooks Online Student Guide QuickBooks Online Education Introduction 2 Introduction The Intuit Education Program is dedicated to empowering educators and students to advance their skills and expertise
More informationValidation of the Network-based Dictionary Attack Detection
Validation of the Network-based Dictionary Attack Detection Jan Vykopal vykopal@ics.muni.cz Tomáš Plesník plesnik@ics.muni.cz Institute of Computer Science Masaryk University Brno, Czech Republic Pavel
More informationMaster Course Computer Networks IN2097
Chair for Network Architectures and Services Prof. Carle Department for Computer Science TU München Master Course Computer Networks IN2097 Prof. Dr.-Ing. Georg Carle Christian Grothoff, Ph.D. Dr. Nils
More informationRemote Asset Manager. Version 2.2. Administrator's Guide
Remote Asset Manager Version 2.2 Administrator's Guide April 2018 www.lexmark.com Contents 2 Contents Change history... 3 Overview... 4 Deployment readiness checklist...5 Getting started... 6 Installing
More informationConfiguring AVC to Monitor MACE Metrics
This feature is designed to analyze and measure network traffic for WAAS Express. Application Visibility and Control (AVC) provides visibility for various applications and the network to central network
More informationExercises: Basics of Networking II Experiential Learning Workshop
Exercises: Basics of Networking II Experiential Learning Workshop 1 General Guidelines 1. Make a team of two or three unless stated otherwise. 2. For each exercise, use wireshark capture to verify contents
More informationTechnology Requirements for Online Testing
Technology Requirements for Online Testing Training Module Copyright 2014 American Institutes for Research. All rights reserved. Topics Site Readiness Network Requirements Hardware and Software Requirements
More informationA hacker in a hoodie with leather gloves tapping a glowing blue lock icon on a transparent touchscreen with ones and zeroes raining down in green
A hacker in a hoodie with leather gloves tapping a glowing blue lock icon on a transparent touchscreen with ones and zeroes raining down in green onto a circuit board jason SYSTEMATIC NETWORK SECURITY
More informationMcAfee Network Security Platform 9.1
9.1.7.15-9.1.5.9 Manager-NS-series Release Notes McAfee Network Security Platform 9.1 Revision A Contents About this release New features Enhancements Resolved issues Installation instructions Known issues
More informationCounterACT DHCP Classifier Plugin
CounterACT DHCP Classifier Plugin Version 2.0.7 and Above Table of Contents About the CounterACT DHCP Classifier Plugin... 3 What to Do... 3 Requirements... 4 Install the Plugin... 4 Concepts, Components,
More informationCONGA: Distributed Congestion-Aware Load Balancing for Datacenters
CONGA: Distributed Congestion-Aware Load Balancing for Datacenters By Alizadeh,M et al. Motivation Distributed datacenter applications require large bisection bandwidth Spine Presented by Andrew and Jack
More informationAn Analysis of various web tracking methods
Rochester Institute of Technology RIT Scholar Works Theses Thesis/Dissertation Collections 11-16-2012 An Analysis of various web tracking methods William Huba Follow this and additional works at: http://scholarworks.rit.edu/theses
More informationForescout. Configuration Guide. Version 2.2
Forescout Version 2.2 Contact Information Forescout Technologies, Inc. 190 West Tasman Drive San Jose, CA 95134 USA https://www.forescout.com/support/ Toll-Free (US): 1.866.377.8771 Tel (Intl): 1.408.213.3191
More informationMaster Course Computer Networks IN2097
Chair for Network Architectures and Services Prof. Carle Department for Computer Science TU München Master Course Computer Networks IN2097 Chapter 7 - Network Measurements Introduction Architecture & Mechanisms
More informationinforouter V8.0 Server & Client Requirements
inforouter V8.0 Server & Client Requirements Please review this document thoroughly before proceeding with the installation of inforouter Version 8. This document describes the minimum and recommended
More informationNGFW Security Management Center
NGFW Security Management Center Release Notes 6.4.5 Revision A Contents About this release on page 2 System requirements on page 2 Build version on page 3 Compatibility on page 4 New features on page 5
More informationIntroduction to HTTP. Jonathan Sillito
Introduction to HTTP Jonathan Sillito If you interested in working with a professor next Summer 2011 apply for an NSERC Undergraduate Student Award. Students must have a GPA of 3.0 or higher to be eligible.
More informationPearson Hosted System Requirements SuccessMaker 9 3/31/2017
3/31/2017 March 31, 2017 Copyright 2017 Pearson Education, Inc. or one or more of its direct or indirect affiliates. All rights reserved. Pearson and SuccessMaker are registered trademarks, in the U.S.
More informationPerceptive DataTransfer
Perceptive DataTransfer System Overview Version: 6.2.x Written by: Product Documentation, R&D Date: January 2013 2013 Perceptive Software. All rights reserved CaptureNow, ImageNow, Interact, and WebNow
More informationIBM Aurora Flow-Based Network Profiling System
IBM Aurora Flow-Based Network Profiling System Technical Aspects http://www.zurich.ibm.com/aurora/ Email: Jeroen Massar SwiNOG #15 4 December 2007 www.zurich.ibm.com/aurora
More informationCisco IOS Flexible NetFlow Command Reference
Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION
More informationIntroduction to Network Discovery and Identity
The following topics provide an introduction to network discovery and identity policies and data: Host, Application, and User Detection, page 1 Uses for Host, Application, and User Discovery and Identity
More informationFlows at Masaryk University Brno
Flows at Masaryk University Brno Jan Vykopal Masaryk University Institute of Computer Science GEANT3/NA3/T4 meeting October 21st, 2009, Belgrade Masaryk University, Brno, Czech Republic The 2nd largest
More informationTools for Security Analysis of Traffic on L7 Practical course
www.liberouter.org Tools for Security Analysis of Traffic on L7 Practical course 50th TF-CSIRT meeting and FIRST Regional Symposium for Europe Security Tools as a Service Flow monitoring overview Flow
More informationForeScout CounterACT. Plugin. Configuration Guide. Version 2.1
ForeScout CounterACT Core Extensions Module: DHCP Classifier Plugin Version 2.1 Table of Contents About the DHCP Classifier Plugin... 3 What to Do... 3 Requirements... 3 Verify That the Plugin Is Running...
More informationAccessing your Check Point VPN
NOTE: The VPN only provides remote access to the network, any required native applications will need to be compatible with your local system. STEP 1 Open your Internet Explorer web browser and enter the
More informationNetwork Security. Thierry Sans
Network Security Thierry Sans HTTP SMTP DNS BGP The Protocol Stack Application TCP UDP Transport IPv4 IPv6 ICMP Network ARP Link Ethernet WiFi The attacker is capable of confidentiality integrity availability
More informationIntroduction to Network Discovery and Identity
The following topics provide an introduction to network discovery and identity policies and data: Host, Application, and User Detection, on page 1 Uses for Host, Application, and User Discovery and Identity
More informationSoftware Defined Networks and OpenFlow. Courtesy of: AT&T Tech Talks.
MOBILE COMMUNICATION AND INTERNET TECHNOLOGIES Software Defined Networks and Courtesy of: AT&T Tech Talks http://web.uettaxila.edu.pk/cms/2017/spr2017/temcitms/ MODULE OVERVIEW Motivation behind Software
More informationDimensioning enterprise cloud platforms for Bring Your Own Devices (BYOD) BYOD Device Emulation and Policy Analysis
Dimensioning enterprise cloud platforms for Bring Your Own Devices (BYOD) BYOD Device Emulation and Policy Analysis Enterprise Policy Management for BYOD Dimensioning enterprise cloud platforms for BYOD
More informationSage CRM 7.3 SP2 Software Support Matrix
Sage CRM 7.3 SP2 Software Support Matrix Revision: IMP-MAT-ENG-73SP2-1.0 Updated: May 2018 2018, The Sage Group plc or its licensors. Sage, Sage logos, and Sage product and service names mentioned herein
More informationHistory Page. Barracuda NextGen Firewall F
The Firewall > History page is very useful for troubleshooting. It provides information for all traffic that has passed through the Barracuda NG Firewall. It also provides messages that state why traffic
More informationIntegrate Apache Web Server
Publication Date: January 13, 2017 Abstract This guide helps you in configuring Apache Web Server and EventTracker to receive Apache Web server events. The detailed procedures required for monitoring Apache
More informationNetwork Function Property Algorithm. CounterACT Technical Note
Table of Contents About the Network Function Property... 3 Network Function Algorithm Criteria... 4 1. Manual Classification... 4 2. Managed CounterACT Appliance... 4 3. Managed Endpoint... 4 4. Switch
More informationCSE 333 Lecture HTTP
CSE 333 Lecture 19 -- HTTP Hal Perkins Paul G. Allen School of Computer Science & Engineering University of Washington Administrivia HW4 due a week from Thursday - How s it look? Today: http; finish networking/web
More informationTo get a feel for how to use the FIREWALL > Live page in NextGen Admin, watch the following video:
Under the Live tab, you can view and filter real-time information for the traffic that passes through the Barracuda NextGen Firewall F-Series. You can also manage the traffic sessions. To access the Live
More informationProduct Documentation
(/en-us.html) Product Documentation Browse Browse StoreFront 3.1 Technology Preview Search Download full document PDF DOCX PRINT EMAIL System requirements Nov. 12, 2015 When planning your installation,
More informationChanging The User Agent String In Safari User Guide For Web Developers
Changing The User Agent String In Safari User Guide For Web Developers If you wish to simulate another type of browser by changing the User Agent or UA String in the Safari web browser for Windows or Mac
More informationVersion of 22 OCBC Bank. All Rights Reserved
Velocity@ocbc Clear Cache Guide Click here for Windows guide Click here for Mac OS guide Version 2.0 1 of 22 Step 1: Check your browser version 1. Type www.whatismybrowser.com at the address bar and press
More information# $xxxterm$ # NOTE: browser_mode MUST be the first entry in this file! # normal browser operation (default) # browser_mode = normal
Downloaded from: justpaste.it/xxxtermconf $xxxterm$ NOTE: browser_mode MUST be the first entry in this file! normal browser operation (default) browser_mode = normal prevent tracking operation browser_mode
More informationSoftware-Defined Networking (Continued)
Software-Defined Networking (Continued) CS640, 2015-04-23 Announcements Assign #5 released due Thursday, May 7 at 11pm Outline Recap SDN Stack Layer 2 Learning Switch Control Application Design Considerations
More informationBROWSERS OPTIMIZATION
BROWSERS OPTIMIZATION To allow your browser to function more effectively, we recommend that you Clear your browser cache (delete temporary files) and Remove any compatibility view option previously selected
More informationNetwork Security Platform 8.1
8.1.7.82-8.1.3.100 Manager-M-series Release Notes Network Security Platform 8.1 Revision B Contents About this release New features Enhancements Resolved issues Installation instructions Known issues Product
More informationDNS(SEC) client analysis
DNS(SEC) client analysis powered by assisted by Bart Gijsen (TNO) DNS-OARC, San Francisco, March 2011 Overview DNS traffic analysis CLIENT [8], [9] Applic. browser Operating system DNS stub [7] Resolver
More informationBlackboard Collaborate Launcher for Mac OS X
Blackboard Collaborate Launcher for Mac OS X What Is the Blackboard Collaborate Launcher? The Blackboard Collaborate Launcher is a software application for Mac OS X 10.8.4 and higher. The Launcher provides
More informationFlexible NetFlow - Top N Talkers Support
This document contains information about and instructions for using the Flexible NetFlow - Top N Talkers Support feature. The feature helps you analyze the large amount of data that Flexible NetFlow captures
More information( , *) one-to-many: e.g., scanning (*, ) many-to-one: e.g., DDoS ( /24, /28) subnet-to-subnet
(1.2.3.4, *) one-to-many: e.g., scanning (*, 5.6.7.8) many-to-one: e.g., DDoS (1.2.3.0/24, 4.5.6.0/28) subnet-to-subnet 2 c φn φ: N: 0.0.0.0/0 0.0.0.0/0 10.1/16 192.168/16 10.1/16 192.168/16 10.1.1/24
More informationConcept: Traffic Flow. Prof. Anja Feldmann, Ph.D. Dr. Steve Uhlig
Concept: Traffic Flow Prof. Anja Feldmann, Ph.D. Dr. Steve Uhlig 1 Passive measurement capabilities: Packet monitors Available data: All protocol information All content Possible analysis: Application
More informationESET Remote Administrator 6. Version 6.0 Product Details
ESET Remote Administrator 6 Version 6.0 Product Details ESET Remote Administrator 6.0 is a successor to ESET Remote Administrator V5.x, however represents a major step forward, completely new generation
More informationPacket Header Formats
A P P E N D I X C Packet Header Formats S nort rules use the protocol type field to distinguish among different protocols. Different header parts in packets are used to determine the type of protocol used
More informationConfiguring NetFlow. Information About NetFlow. What is a Flow. This chapter contains the following sections:
This chapter contains the following sections: Information About NetFlow, page 1 Guidelines and Limitations for NetFlow, page 9 Default Settings for NetFlow, page 10 Enabling the NetFlow Feature, page 11
More informationConfiguring ARP attack protection 1
Contents Configuring ARP attack protection 1 ARP attack protection configuration task list 1 Configuring unresolvable IP attack protection 1 Configuring ARP source suppression 2 Configuring ARP blackhole
More informationHow to clear a web browsers cache, cookies and history last updated on 8/28/2013
How to clear a web browsers cache, cookies and history last updated on 8/28/2013 About cache, cookies, and history Each time you access a file through your web browser, the browser caches (i.e., stores)
More informationUsing HTML Access. VMware Horizon HTML Access 4.0 VMware Horizon HTML Access 3.5 VMware Horizon HTML Access 3.4
VMware Horizon HTML Access 4.0 VMware Horizon HTML Access 3.5 VMware Horizon HTML Access 3.4 You can find the most up-to-date technical documentation on the VMware Web site at: https://docs.vmware.com/
More informationMcAfee Network Security Platform 9.1
9.1.7.15-9.1.3.4 Manager-M-series, Mxx30-series, XC Cluster Release Notes McAfee Network Security Platform 9.1 Revision A Contents About this release New features Enhancements Resolved issues Installation
More informationFlowMatrix Tutorial. FlowMatrix modus operandi
FlowMatrix Tutorial A message from the creators: When developing FlowMatrix our main goal was to provide a better and more affordable network anomaly detection and network behavior analysis tool for network
More informationNetwork Security Platform 8.1
8.1.7.100-8.1.3.130 Manager-M-series Release Notes Network Security Platform 8.1 Revision A Contents About this release New features Enhancements Resolved issues Installation instructions Known issues
More informationNetwork Element Configuration
The following describes how to configure Flexible NetFlow and NTP servers on your ISR. Configuring a Network Element, page 1 NTP Configuration, page 1 NetFlow Configuration, page 2 Configuring a Network
More informationThe following topics describe how to configure correlation policies and rules.
The following topics describe how to configure correlation policies and rules. Introduction to and Rules, page 1 Configuring, page 2 Configuring Correlation Rules, page 5 Configuring Correlation Response
More information