Automatic Network Protection Scenarios Using NetFlow



Year of publication 2012
Type R&D Presentation
MU Faculty or unit

Institute of Computer Science

Attached files
Description Protecting a computer network against various types of network attacks is becoming more difficult due to increasing speeds of current computer networks and due to new types of network threats appearing every day. NetFlow monitoring is used with advantage to inspect all incoming traffic and detect attacks against monitored networks. In this presentation we will describe five scenarios using NetFlow for an automatic protection of a local network: 1) NetFlow monitoring and remotely triggered black hole filtering; 2) NetFlow monitoring and firewalling; 3) NetFlow monitoring and phishing quarantine; 4) NetFlow monitoring and traffic shaping; and 5) NetFlow monitoring and counter-attacking. These scenarios will be illustrated using the example of an SSH brute force attack. Possibilities to use a hardware device for NetFlow monitoring and traffic filtering will be discussed and compared to software alternatives.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.

More info