95-855 Network Situational Awareness
Flow Analysis
This page bookmarks some reference material you may find useful for flow analysis.
The 5-page BASH Quick Reference Guide
The 2-page UNIX Quick Reference Guide
The 1-page vi quick reference guide
The 2-page EMACS Quick Reference Guide
TCP/IP and tcpdump Pocket Reference Guide, a great 2-page handout with all the common IP, UDP and TCP fields
Packet Analysis Reference Guide v1.0, an Excel spreadsheet of headers for common packets and lookups for common options
BASH scripting, a brief slide presentation on shell commands for beginning flow analysts
The Gnuplot Manual
A slide deck on flow analysis with SiLK
A slide deck on Network Profiling using SiLK
The SEI Tech Report on Network Profiling using Flow
You have to contact me directly for information on how to connect to the live analysis server.