Staring at #suricata #EVE #netflow logs... Is there any good tool out there to visualise those?

The U.S. military and FBI have previously bought access to netflow data from a company called Team Cymru. Now the IRS wants to buy products from the company too.
https://www.vice.com/en/article/93kwd7/irs-wants-to-buy-internet-mass-monitoring-tool-team-cymru-netflow
#netflow #CYBER #worldprivacy #worldnews #privacy #data #DataBrokers #IRS

📰 Article: US Gov Purchases ISP Netflow Data

(quote in article, Team Cymru) "explicitly markets its product’s capability of being able to track traffic through virtual private networks (VPN).. show w/server traffic originates from"

#VPN #News #Netflow #databrokers #surveillancecapitalism #ISP #privacy #infosec #cybersecurity #Tor #i2p #USA

https://www.vice.com/en/article/dy3z9a/fbi-bought-netflow-data-team-cymru-contract

Here is the FBI’s Contract to Buy Mass Internet Data

The #FBI previously purchased access to "netflow" data, which a company called Team #Cymru obtains from ISPs. #TeamCymru then sells it to the government.
#netflow

https://www.vice.com/en/article/dy3z9a/fbi-b

The FBI previously purchased access to "netflow" data, which a company called Team Cymru obtains from ISPs. Team Cymru then sells it to the government.
https://www.vice.com/en/article/dy3z9a/fbi-b
#netflow #CYBER #privacy #worldnews #worldprivacy #data #DataBrokers #teamcymru

My network is getting hammered by SSH scanners lately. Possibly checking for CVE-2023-25136. The IP below has sent over 2k flows in a day and Greynoise tags it as an SSH Bruteforcer and worm.
Another IP originating from Russia (92.63.197[.]82) has also sent just over 2k flows. Historical analysis shows it targeting previous SSH vulnerabilities.

#cve_2023_25136 #SSH #Netflow #Firewalla #IPS #SignalsIntelligence #Vulnerability

What’s up, home? part 38: Yes I have NetFlow at home, but what is it good for? https://www.whatsuphome.fi/whatsuphome/part38 #whatsuphome #netflow #elastiflow #elasticsearch #grafana #diagrams #data

What’s up, home? part 36: How I do NetFlow at home. https://www.whatsuphome.fi/whatsuphome/part36 #whatsuphome #netflow #elastiflow #elasticsearch #zabbix #grafana

Do you dream of #NetFlow and #CloudFlow? Want to develop new technologies for #visability and #detection of #network #threats? Come defend the #AtomizedNetwork, at #Netography: https://netography.com/netography-careers/?gh_jid=4140728005

Netflowlabeler is a Python tool to add labels to NetFlow text files developed by @eldraco at @stratosphere. If you have a NetFlow text file (e.g.: Zeek) and you want to add labels to it, you can add the labels and conditions to a configuration file and use this tool to assign them.
Repo: https://github.com/stratosphereips/netflowlabeler

#cybersecurity #datascience #machinelearning #networksecurity #zeek #netflow #networksecurity #datalabels #tools

There are many #introductions but this #intro is mine.

I'm a professional technical #generalist. I write #code, read code, research, discover problems, and develop solutions.

Been in some form of the computer industry starting in 1995. It's what pays the bills: Career trajectory was #dialup ISP #helpdesk ➡️ Corporate IT ➡️ firewall/IDS analyst ➡️ CERT/SOC #Technical #Leader ➡️ Cisco Talos Technical Lead ➡️ currently at Netography, solving security/threat monitoring through #Netflow.

For fun/enrichment/growth: I dabble in making #DJ mixes, #woodworking, #3dprinting /CAD, #circuit design, #music production, studying #Japanese language & culture, a little bit of a #coffee snob learning #latte art, I love to cook, and I make a bangin margherita #pizza.

Direct Video (Peertube):

Revelations / Analysis Of Whistleblower Report On ISP's Selling Access To 90% Connection Including PCAP (packet capture), Netflow Data

#Databrokers #Peertube #privacy #anonymity #anonymous #News #infosec #tech #Tor #proxy #netflow #PCAP #ISP #cybersecurity #databrokers
https://tube.tchncs.de/w/4TDRCuUzF6u84DmcYvuq4c

Have to say I'm really concerned about this... We've known for a while ISP's have been quietly selling raw "netflow" data to people like Team Cymru.

Story out: access to 90% internet data, selling to military, corporations. 😢

Surveillance is an evil, inhumane venture. Never forget that.

#Privacy #News #Tor #Cymru #surveillance #netflow #ISP #Anonymity #proxy #anonymous
https://www.vice.com/en/article/y3pnkw/us-military-bought-mass-monitoring-augury-team-cymru-browsing-email-data

*ntopng*

High-Speed Web-based Traffic Analysis and Flow Collection

ntopng is the next generation version of the original ntop, a network traffic probe that monitors network usage. ntopng is based on libpcap/PF_RING and it has been written in a portable way in order to virtually run on every Unix platform, MacOS and on Windows as well.

ntopng – yes, it’s all lowercase – provides a intuitive, encrypted web user interface for the exploration of realtime and historical traffic information.

Main Features

Sort network traffic according to many criteria including IP address, port, Layer-7 (L7) application protocols, throughput, Autonomous Systems (ASs)
Show realtime network traffic and active hosts
Produce long-term reports for several network metrics including throughput and L7 application protocols

etc

https://www.ntop.org/products/traffic-analysis/ntop/

#ntop #netflow #network #analyzer

check out our open source Zeek malware hunting tools at
https://dovehawk.io  that power the @cancyberorg foundation using @MISPProject and @Zeekurity #threatintel #pdns #netflow realtime hunting and dns/flow analyticspic.twitter.com/Xljo4i4r3K

Trying to figure out daily/weekly/monthly bandwidth usage on my #OpenBSD router... so far, got `pflow(4)` up and runnning as well as `snmpd(8)` with `nfsen` and `mrtg` which lets me see nice graphs of traffic, but I haven't yet figured out how to see a number of bytes transferred per day in/out of my router. My ISP sends me a nice report of this, but I want to verify their numbers with my own. What am I missing? #cluestick #netflow #router