I want create querys for Cyber Threat Hunting using the data of NNA.
For example (a stupid example), detect the ping of death with netflow
is there anything done?
Cyber Threat Hunting in NNA
Re: Cyber Threat Hunting in NNA
This is usually accomplished with queries. Check out this article for more information.
https://support.nagios.com/kb/article/n ... es-74.html
There area a couple of example queries that come with NNA. One of which is checking for common bot net ports being accessed. As long as you know what you're looking for, you should be able to query for it.
https://support.nagios.com/kb/article/n ... es-74.html
There area a couple of example queries that come with NNA. One of which is checking for common bot net ports being accessed. As long as you know what you're looking for, you should be able to query for it.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Be sure to check out our Knowledgebase for helpful articles and solutions!
Be sure to check out our Knowledgebase for helpful articles and solutions!
Re: Cyber Threat Hunting in NNA
Yes, I know
I want more examples (botnets) for use in NNA.
is there more examples?
I want more examples (botnets) for use in NNA.
is there more examples?
-
benjaminsmith
- Posts: 5324
- Joined: Wed Aug 22, 2018 4:39 pm
- Location: saint paul
Re: Cyber Threat Hunting in NNA
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Be sure to check out our Knowledgebase for helpful articles and solutions!
Be sure to check out our Knowledgebase for helpful articles and solutions!