Graph of the Week at http://qosient.com/argus

Phillip G Deneault deneault at WPI.EDU
Thu Sep 21 11:35:31 EDT 2006


Darren Spruell wrote:
> I'll have to admit being ignorant as to what the graph really
> illustrated. :) I'm relatively new to argus and have never used it for
> any practical purpose, but have nevertheless been very interested in
> the kind of stuff it can handle. I have to say "kind" because I'm not
> absolutely sure of how to see practical benefit from it in obvious
> ways. (That said, I haven't exactly dove right into it to figure out
> the nitty gritties either.)
> 
> I'd be interested in seeing a range of practical applications of
> argus, supported by either graphs or straight terminal output, and
> focusing on pointed, practical tasks. For example, my activities
> revolve around security monitoring and incident response, and I'm
> interested in learning more about how traffic anomalies can be
> identified by argus and how we can accomplish better network auditing
> capabilities
> [deletia]

I did a presentation in April at the Educause Security Professionals
Conference on an overview on some types of security checks that can be
done using flow-based analysis.  It's pretty basic and doesn't go into
much detail, but you are welcome to look at it.

http://www.educause.edu/content.asp?page_id=666&ID=SPC0682&bhcp=1

I didn't get into the scripts I use to search for this stuff because
they will probably need to be rewritten for Argus 3 formatting and
capabilities and they could be written far better.  Like many scripts,
they were simply written good enough to run. :-)

If you have any questions, let me know,
Phil


