Detecting Recon with Logs and IDS
Morten Nielsen
Slide outline (only slides with extracted text are listed):

1. Counter reconnaissance
4. Intrusion
6. Gather evidence
7. Prevention
8. Supply false information
10. Use log analysers to data mine
11. Decentralized logs are difficult to analyse; centralized logs are easier.
14. AWstats example