Full packet capture for the masses
Information on this media
Number of views: 128
Creation date: July 3, 2018
Speakers: Xavier Mertens
License: CC BY-SA v4
Description
When you are facing a security incident, your investigations will depend on the data that you can analyze. Logs are often the first source of evidence, but sometimes it is useful to have access to a full packet capture to “dive deeper” into the traffic generated from/to the compromised network or host. Full packet capture (FPC) is like your insurance: you implement it and you never know if you’ll have to use it… until something weird happens! In my presentation, I’ll present a simple way to implement FPC for small organizations, based on open source solutions (Moloch, Docker), and how to interconnect them. This talk is an extension of my SANS ISC diary (The easy way to analyze huge amounts of PCAP data) with more practical details.
Xavier Mertens
Xavier is a freelance security consultant based in Belgium. His daily job focuses on protecting his customers’ assets by applying “offensive” (pentesting) as well as “defensive” security (incident handling, forensics, log management, SIEM, security visualisation, OSINT). Besides his daily job, Xavier is also a security blogger, an ISC SANS handler and co-organizer of the BruCON security conference.