ZacFran/network_analysis.md

Last active August 11, 2023 12:40

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/ZacFran/1b77653ab538eb0bd529da376f31075b.js"></script>
Save ZacFran/1b77653ab538eb0bd529da376f31075b to your computer and use it in GitHub Desktop.

Download ZIP

Raw

network_analysis.md

Notes

Fingerprinting

identification of a remote system

POF

a command line tool with will identify the type of system and browser.

Traffic Baselining

Snapshot of network traffic over a given amount of time.

Network data types

full packet capture data
session data

sflow
Netflow

Statistical data
packet string data
alert data
log data

DATA Collection Devices

IN-line
Passive

Collection Methods

TAP
SPAN
ARP Spoofing (MitM)

Anomaly Detection

Indicator of Attack
Indicator of Compromise

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment