Michael Patterson : Advanced NetFlow Traffic Analysis
Michael Patterson
Founder and Product manager for Plixer's Scrutinizer NetFlow and sFlow Analyzer as well as Flow Analytics.

July 2013

You are browsing the archive for July 2013.

Securing Remote Networks Against Cyber Threats: part 2

July 5, 2013

IP Host Reputation

Today, some NetFlow collector vendors are comparing IP addresses found in flows to reputation lists.  This host reputation look up process is a routine that goes out to an Internet based reputation list provider every hour and downloads an updated list of known hosts that end systems on the network should not be communicating with. Typically this is a list of compromised hosts that have a reputation for sending nefarious traffic (e.g. C&C). 

Read part 1 of this series.

Featured Events