Video Converter
Audio Converter
Image Converter
PDF Converter
File Compressor
sans isc free software

SANS ISC Free Software RMLLSEC16 Rump Session SANS Internet Storm - PowerPoint PPT Presentation

Aug 30, 2022 •384 likes •510 views

SANS ISC Free Software RMLLSEC16 Rump Session SANS Internet Storm Center Created in 2001 to track the Li0n worm Today, sensors covers 500K IPs from 50 countries Data collection, analysis and warning system (like weather forecasts)

  1. SANS ISC Free Software RMLLSEC16 Rump Session

  2. SANS Internet Storm Center • Created in 2001 to track the Li0n worm • Today, sensors covers 500K IPs from 50 countries • Data collection, analysis and warning system (like weather forecasts) • Operated by volunteers (“handlers”)

  3. Infocon

  4. Data Collection • SSH honeypots • HTTP honeypots • Web: 404 pages, CRL, HTTP headers • DShield

  5. DShield Sensor • SW: Modified version of Cowrie • HW: Raspberry (or any other entry-level hardware) • https://github.com/DShield-ISC/dshield

  6. DShield Client • Collects src_ip, src_port_, dst_ip, dst_port, proto, count • Available for many (1) clients • Easy to write your own client (2) 
 (I wrote mine for OSSEC) (1) https://www.dshield.org/howto.html#clients (2) https://www.dshield.org/specs.html

  7. Top-20 Block List https://isc.sans.edu/block.txt

  8. Statistics

  9. API https://isc.sans.edu/api/ # curl -L http://isc.sans.edu/api/ip/103.238.68.242 <?xml version="1.0" encoding="UTF-8"?> <ip><number>103.238.68.242</number><count>4831</count><attacks>16</attacks><maxdate>2016-07-04</ maxdate><mindate>2015-10-30< /mindate><updated>2016-07-04 11:03:51</updated><comment></comment><maxrisk></maxrisk><asabusecontact>tech@vnnic.vn</ asabusec ontact><as>24088</as><asname><![CDATA[HANOITELECOM-AS-AP Hanoi Telecom Joint Stock Company - HCMC Branch,]]></ asname><ascoun try>VN</ascountry><assize>4349</assize><network>103.238.68.0/24</ network><threatfeeds><blocklistde22><lastseen>2016-06-18</l astseen><firstseen>2015-10-31</firstseen></blocklistde22><blocklistde25><lastseen>2016-07-04</ lastseen><firstseen>2016-02-11 </firstseen></blocklistde25><emergincompromised><lastseen>2015-12-03</lastseen><firstseen>2015-11-24</firstseen></ emergincom promised><openbl_ssh><lastseen>2016-07-04</lastseen><firstseen>2016-01-04</firstseen></openbl_ssh></threatfeeds></ip>

  10. Color My Logs

  11. https://isc.sans.edu <xmertens@isc.sans.edu>

Recommend

De lInstant Payment un monde sans cut-off De lInstant Payment un monde sans cut-off

De lInstant Payment un monde sans cut-off De lInstant Payment un monde sans cut-off

De lInstant Payment un monde sans cut-off De lInstant Payment un monde sans cut-off De lInstant Payment un monde sans cut-off Organis par la commission Cash Management International David Hleschewitz Xavier Aublet Agns

1.04k views • 49 slides
Overview L8.1 Introduction to Small Angle Neutron Scattering L8.2 SANS Instrumentation

Overview L8.1 Introduction to Small Angle Neutron Scattering L8.2 SANS Instrumentation

Overview L8.1 Introduction to Small Angle Neutron Scattering L8.2 SANS Instrumentation EX8 Virtual SANS Experiment L9.1 How to do a SANS Experiment L9.2 Small Angle Scattering Data Analysis F9.3 Applications of SANS

1.06k views • 47 slides
Overview L8.1 Introduction to Small Angle Neutron Scattering L8.2 SANS Instrumentation

Overview L8.1 Introduction to Small Angle Neutron Scattering L8.2 SANS Instrumentation

Overview L8.1 Introduction to Small Angle Neutron Scattering L8.2 SANS Instrumentation EX8 Virtual SANS Experiment L9.1 How to do a SANS Experiment L9.2 Small Angle Scattering Data Analysis F9.3 Applications of SANS

791 views • 60 slides
Report Gerard DiNardo ISC Chairman http://isc.ac.affrc.go.jp Presentation Topics

Report Gerard DiNardo ISC Chairman http://isc.ac.affrc.go.jp Presentation Topics

The 16 th Meeting of the ISC: Activity Report Gerard DiNardo ISC Chairman http://isc.ac.affrc.go.jp Presentation Topics Participants Working Group Workshops &amp; Activities Stock Status &amp; Conservation Advice Interactions

409 views • 20 slides
Report Gerard DiNardo ISC Chairman http://isc.ac.affrc.go.jp Presentation Topics

Report Gerard DiNardo ISC Chairman http://isc.ac.affrc.go.jp Presentation Topics

The 16 th Meeting of the ISC: Activity Report Gerard DiNardo ISC Chairman http://isc.ac.affrc.go.jp Presentation Topics Participants Working Group Workshops &amp; Activities Stock Status &amp; Conservation Advice Interactions

351 views • 17 slides
Assessment 2016 Gerard DiNardo ISC Chairman http://isc.ac.affrc.go.jp Presentation Topics

Assessment 2016 Gerard DiNardo ISC Chairman http://isc.ac.affrc.go.jp Presentation Topics

ISC Pacific Bluefin Tuna Stock Assessment 2016 Gerard DiNardo ISC Chairman http://isc.ac.affrc.go.jp Presentation Topics Assessment Model structural overview 2014 vs 2016 Data and Assumptions Results Fits to the data

263 views • 25 slides
Open Source Passive DNS Replication Robert Edmonds ( edmonds@isc.org ) October 14, 2012 ISC

Open Source Passive DNS Replication Robert Edmonds ( edmonds@isc.org ) October 14, 2012 ISC

Open Source Passive DNS Replication Robert Edmonds ( edmonds@isc.org ) October 14, 2012 ISC Passive DNS and ISC DNSDB Sensor collects DNS response packets Packets parsed into DNS records Verification De-duplication Filtering

166 views • 13 slides
Adams-ISC Products &amp; Services for the Oil &amp; Gas Industry Adams-ISC, LLC. Located in

Adams-ISC Products &amp; Services for the Oil &amp; Gas Industry Adams-ISC, LLC. Located in

Adams-ISC Products &amp; Services for the Oil &amp; Gas Industry Adams-ISC, LLC. Located in Williston, ND &amp; Rapid City, SD Subsidiary company of ISC Companies, Inc. headquartered in Minneapolis, MN Four specialized groups under

734 views • 40 slides
Free Software and the Environment Ben ONeill What makes free software good? What makes free

Free Software and the Environment Ben ONeill What makes free software good? What makes free

Free Software and the Environment Ben ONeill What makes free software good? What makes free software good? Ethical What makes free software good? Ethical Collaborative What makes free software good? Ethical Collaborative

592 views • 26 slides
When Free Software Isn't Better When Free Software Isn't Better benjamin mako hill :: when

When Free Software Isn't Better When Free Software Isn't Better benjamin mako hill :: when

When Free Software Isn't Better When Free Software Isn't Better benjamin mako hill :: when free software isn't better Why free software isn't always very good, why that's not a problem, and how we make it better. Free Software is... Free

690 views • 43 slides
Kea An Open-Source DHCP Server Stephen Morris Internet Systems Consortium stephen@isc.org ISC

Kea An Open-Source DHCP Server Stephen Morris Internet Systems Consortium stephen@isc.org ISC

Kea An Open-Source DHCP Server Stephen Morris Internet Systems Consortium stephen@isc.org ISC DHCP Open-Source First version released in 1997 Default DHCP software in many distributions Server/relay/client for IPv4 &amp; IPv6

304 views • 13 slides
Presentation Guidelines Design Basics Use a sans serif font for body text. Sans serifs like

Presentation Guidelines Design Basics Use a sans serif font for body text. Sans serifs like

If this information is required in an alternative format, please call 905-623-3379 x 2131 Presentation Guidelines Design Basics Use a sans serif font for body text. Sans serifs like Arial, Helvetica, Calibri or Tahoma tend to be the easiest

406 views • 3 slides
Lance Spitzner securingthehuman.sans.org lspitzner@sans.org @securethehuman EMET WindowsOS

Lance Spitzner securingthehuman.sans.org lspitzner@sans.org @securethehuman EMET WindowsOS

Lance Spitzner securingthehuman.sans.org lspitzner@sans.org @securethehuman EMET WindowsOS Microsoft Security Essentials Encrypted File System WindowsOS vs. HumanOS AppLocker Mandatory Integrity Control Windows Service Hardening Security

644 views • 26 slides
Complementary use of SAXS and SANS Complementary use of SAXS and SANS Jill Trewhella Trewhella

Complementary use of SAXS and SANS Complementary use of SAXS and SANS Jill Trewhella Trewhella

Complementary use of SAXS and SANS Complementary use of SAXS and SANS Jill Trewhella Trewhella Jill University of Sydney University of Sydney Conceptual diagram of the small-angle scattering experiment The conceptual experiment and theory

1.03k views • 54 slides
To Touc uch h Bakery Inc / BOULANGERIE HACCP 2011 1 NUT FREE/SANS NOIX To Touc uch

To Touc uch h Bakery Inc / BOULANGERIE HACCP 2011 1 NUT FREE/SANS NOIX To Touc uch

NUT FREE/SANS NOIX To Touc uch h Bakery Inc / BOULANGERIE HACCP 2011 1 NUT FREE/SANS NOIX To Touc uch h Bakery Inc / BOULANGERIE Our companys story : Purchased Nov, 2004 by Allan Swartz Relocated Feb, 2005 to London from

497 views • 21 slides
READINESS LEADS MEETING WELCOME Nancy Jagger Executive Director, ISC 2 AGENDA Welcome

READINESS LEADS MEETING WELCOME Nancy Jagger Executive Director, ISC 2 AGENDA Welcome

READINESS LEADS MEETING WELCOME Nancy Jagger Executive Director, ISC 2 AGENDA Welcome ISC Update Partnering with the ISC Shared Learnings to Date Looking Ahead Campus Engagement 2.0 Preparing for Autumn Quarter

481 views • 35 slides
means of Natural Language Processing Viorel Morari Chair of Web Technology and Information

means of Natural Language Processing Viorel Morari Chair of Web Technology and Information

Mining Rhetorical Devices by means of Natural Language Processing Viorel Morari Chair of Web Technology and Information Systems Master Thesis Defense January 23 rd , 2018 viorel.morari@uni-weimar.de Prof. Dr. Benno Stein Advisor: Khalid

1.92k views • 151 slides
Parallelism vs. Concurrency Key concerns Concurrency: Parallelism: Correctly

Parallelism vs. Concurrency Key concerns Concurrency: Parallelism: Correctly

12/9/15 Parallelism vs. Concurrency Key concerns Concurrency: Parallelism: Correctly and efficiently manage Use extra resources to access to shared resources solve a problem

432 views • 3 slides
Searching with turn cost and related problems Spyros Angelopoulos CNRS-UPMC Joint work with

Searching with turn cost and related problems Spyros Angelopoulos CNRS-UPMC Joint work with

Searching with turn cost and related problems Spyros Angelopoulos CNRS-UPMC Joint work with Diogo Arsenio Christoph Drr Alex Lopez-Ortiz CNRS CNRS Univ. of Waterloo Monday, April 7, 14 Outline of the presentation Monday, April 7, 14

1.43k views • 109 slides
Write Amplification: An Analysis of In-Memory Database Durability Techniques Jaemyung Kim ,

Write Amplification: An Analysis of In-Memory Database Durability Techniques Jaemyung Kim ,

Write Amplification: An Analysis of In-Memory Database Durability Techniques Jaemyung Kim , Kenneth Salem, Khuzaima Daudjee University of Waterloo IMDM 2015 Durability Matters OLTP IMDB Orders of magnitude faster! I/O is unavoidable! (ACID,

422 views • 39 slides
Report of International Tsunami Expedition to Madagascar August 28 September 12, 2006

Report of International Tsunami Expedition to Madagascar August 28 September 12, 2006

Report of International Tsunami Expedition to Madagascar August 28 September 12, 2006 Participants: Dr. Dallas Abbott- Lamont Doherty Earth Observatory of Columbia University, New York, USA Dr. Edward A. Bryant-University of Wollongong,

1.25k views • 5 slides
A Random History of Mining A Random History of Mining (And thus the industrial revolution) (And

A Random History of Mining A Random History of Mining (And thus the industrial revolution) (And

A Random History of Mining A Random History of Mining (And thus the industrial revolution) (And thus the industrial revolution) Matthew Dockrey A Day That Will Live In Infamy, 2009 The Neolithic The Neolithic Flint, Obsidian, Chert,

761 views • 32 slides
3 3 years years Rev. 16:1, Then I heard a loud voice from the temple saying to

3 3 years years Rev. 16:1, Then I heard a loud voice from the temple saying to

The Seven Thunders Rev. 10:4 Sealed up and unwritten 3 3 years years Rev. 16:1, Then I heard a loud voice from the temple saying to the seven angels, Go and pour out the bowls of the wrath of God on the earth.

538 views • 12 slides
Native American Folktales 01.29.12 || English 2327: Am erican Literature I || D. Glen Sm ith,

Native American Folktales 01.29.12 || English 2327: Am erican Literature I || D. Glen Sm ith,

Native American Folktales 01.29.12 || English 2327: Am erican Literature I || D. Glen Sm ith, instructor Com prehension of Folk Stories It is im portant to rem em ber these stories were never intended to be written as a perm anent cultural

336 views • 8 slides

More recommend

Explore More Topics

Stay informed with curated content and fresh updates.

animals pets art culture automotive transportation business finance computer internet construction architecture education-career electronics communication

Logo Sambuz

Unleash a World of Digital Possibilities—Browse, Share, and Explore Content Without Boundaries

Useful Links

About Us Privacy Services FAQ's Contact

Newsletter

Stay Informed & Inspired—Subscribe for the Latest Updates, Tips, and Exclusive Content Directly to Your Inbox.

Mail Us

mail@sambuz.com

2026 SAMBUZ, All right reserved.