Cyber Threat Hunting in NNA
Posted: Fri Feb 07, 2020 8:40 am
by alopera
I want to create queries for Cyber Threat Hunting using the data of NNA.
For example (a stupid example), detect the ping of death with NetFlow.
Is there anything done?
Re: Cyber Threat Hunting in NNA
Posted: Fri Feb 07, 2020 12:12 pm
by mbellerue
This is usually accomplished with queries. Check out this article for more information.
https://support.nagios.com/kb/article/n ... es-74.html
There are a couple of example queries that come with NNA, one of which is checking for common botnet ports being accessed. As long as you know what you're looking for, you should be able to query for it.
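
Added example, not part of the original posts and not one of NNA's bundled queries: a port-based hunt of the kind described above, prototyped over exported flow records. The CSV layout, the watch-list ports and the function name are assumptions, and the sample flows are constructed.

```python
import csv
import io
from collections import defaultdict

# Assumption: illustrative watch list (IRC ports long associated with botnet C2).
# Replace with ports taken from your own threat intelligence.
WATCH_PORTS = {6660, 6667, 6697}

# Constructed sample flow records (not real traffic).
SAMPLE_FLOWS = """\
src,dst,proto,dport,packets,bytes
10.0.0.5,203.0.113.10,TCP,6667,12,1840
10.0.0.5,203.0.113.11,TCP,6667,9,1310
10.0.0.5,198.51.100.7,TCP,443,40,52000
10.0.0.8,203.0.113.10,TCP,6697,3,420
10.0.0.9,198.51.100.7,TCP,80,15,9000
10.0.0.9,192.0.2.1,UDP,6667,1,90
"""

def hunt_watch_ports(flow_csv, ports=WATCH_PORTS, proto="TCP"):
    """Summarise, per source host, flows whose destination port is on the watch list."""
    hits = defaultdict(lambda: {"flows": 0, "bytes": 0, "dsts": set(), "ports": set()})
    for row in csv.DictReader(io.StringIO(flow_csv)):
        try:
            dport, nbytes = int(row["dport"]), int(row["bytes"])
        except (KeyError, TypeError, ValueError):
            continue  # skip malformed records instead of aborting the hunt
        if (row.get("proto") or "").upper() != proto or dport not in ports:
            continue
        h = hits[row["src"]]
        h["flows"] += 1
        h["bytes"] += nbytes
        h["dsts"].add(row["dst"])
        h["ports"].add(dport)
    # Rank hosts by number of distinct destinations, then by flow count.
    return sorted(
        ((src, h["flows"], len(h["dsts"]), h["bytes"], sorted(h["ports"]))
         for src, h in hits.items()),
        key=lambda r: (-r[2], -r[1]),
    )

if __name__ == "__main__":
    for src, flows, dsts, nbytes, ports in hunt_watch_ports(SAMPLE_FLOWS):
        print(f"{src}: {flows} flows to {dsts} hosts, {nbytes} bytes, ports {ports}")
```

Ranking by distinct destinations puts a host contacting several watch-list endpoints ahead of one with a single connection, which helps triage.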
Re: Cyber Threat Hunting in NNA
Posted: Sat Feb 08, 2020 3:43 am
by alopera
Yes, I know.
I want more examples (botnets) for use in NNA.
Are there more examples?
Re: Cyber Threat Hunting in NNA
Posted: Mon Feb 10, 2020 4:34 pm
by benjaminsmith
Hi @alopera,
Please see PM.