Networking

YouTube IP Hijacking

On Saturday 24 February, an AS in Pakistan started an unauthorized announcement of YouTube's IP address block. A RIPE case study is available here: http://www.ripe.net/news/study-youtube-hijacking.html

Sniffing: SPAN port vs TAP

Sometimes the only way to do network monitoring and sniffing is to use SPAN ports on network devices. I think that SPAN is not all bad, but you must know its limitations to be compliant with your requirements. This article can explain a lot of things that, for a lot of network administrators, are an unexplored [...]

PHPIDS

PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application. The IDS neither strips, sanitizes nor filters any malicious input, it simply recognizes when an attacker tries to break your site and reacts in exactly the way you want it to. Based on [...]

Documentation about Netflow

Here is some documentation about NetFlow: slides, papers, and how-tos:

The Ultimate Netflow Data Realtime Analysis
nProbe: an Open Source NetFlow Probe for Gigabit Networks
NetFlow Version 9
NetFlow: Information loss or win?
Netflow Tools NfSen and NFDUMP
Cisco NetFlow and NBAR
NetFlow @ DANTE
Traffic Monitoring with Netflow
Cisco CNS NetFlow Collection Engine Version
Scrutinizer & Firewalls
Bitmap Algorithms for Counting Active Flows on [...]

Papers about NetFlow applications

Properties and Prediction of Flow Statistics from Sampled Packet Streams
Nick Duffield, Carsten Lund, Mikkel Thorup, Proc. ACM SIGCOMM IMC, 2002. A detailed investigation of the effects of packet sampling on flow-based traffic accounting.

TCP Use and Performance on Internet2
Stanislav Shalunov, Benjamin Teitelbaum, ACM SIGCOMM IMW, 2001. See the pointer to the Abilene usage report page in [...]