Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: A useful oversimplification for network surveillance?

  • From: Nicolas FISCHBACH
  • Date: Tue Aug 30 18:57:19 2005

Howard C. Berkowitz wrote:

I'm developing some guidance for ISP surveillance for infrastructure attacks, and my increasing impression is that for other than the expert level, there may be some useful simplifications of the applicability of tools. Remember that I am speaking of surveillance here, not the detailed analysis in a sinkhole. Perhaps this could be the basis of some security architecture presentations/tutorials at NANOG.
Have a look at these two presentations, the first covers most of the
items you listed, the second one, while more enterprise-oriented also
applies to large SP management networks.

"Building an Early Warning System in a Service Provider Network"
 http://www.securite.org/presentations/secip/BHEU2004-NF-SP-EWS-v11.ppt
 http://www.securite.org/presentations/secip/BHEU2004-NF-SP-EWS-v11.zip (PDF)

"Network flows and Security"
 http://www.securite.org/presentations/secip/BHEU2005-NetflowSecurity-NF-v101.ppt
 http://www.securite.org/presentations/secip/BHEU2005-NetflowSecurity-NF-v101.pdf

Nico.
--
Nicolas FISCHBACH (nico@securite.org) <http://www.securite.org/nico/>
Senior Manager - IP Engineering/Security - COLT Telecom
Securite.Org Team - http://www.securite.org/







Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.