Network Monitoring and Vulnerability Scanning Overview

Slide Note
Embed
Share

Kashif Mohammad from the Department of Physics at the University of Oxford provides insights into their setup involving ZEEK, ELK Monitoring, and OpenVas for network monitoring and vulnerability scanning. The team aims to enhance network security through structured classification of nodes based on types, ownership structures, and data sensitivity levels.

hadiya
hadiya Follow

Uploaded on Jul 29, 2024 | 1 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. Site Report Site Report Kashif Mohammad Department of Physics University of Oxford

  2. ZEEK and ELK Small setup of ZEEK and ELK Monitoring Grid Services through ZEEK But not much interesting data Plan to monitor Physics department network Waiting for network restructure Installed a MISP instance and long term plan is to integrate with ZEEK

  3. ZEEK + ELK Setup Switch Mirror Ports VMs ES Kib LS FB Beat Zeek oVirt Host ELK Bro Server

  4. OpenVas Running OpenVas for Vulnerability Scanning Installed on top of Kali Linux Mostly worked out of box We have quite a few vlans and subnets so scanning across network range takes too much time So running `nmap sn <ip-range>` first and then feeding that list as input for openvas scan. Much better

  5. OpenVas OpenVas Quite satisfy with the tool Completely free Active mailing list Reporting is not very intuitive and can be difficult to navigate 100 page PDF reports Fair number of false positives Can be unstable Problem might be at my end

  6. What We Want What We Want Classify nodes on basis of types Servers, Desktop, DAQ, Switches, Network attached devices Classify on basis of ownership structures Sub-department, web admin, desktop admin Classify on basis of data sensitivity Status over the time

Related


Passive Attacks and Reconnaissance in Network Security

Passive Attacks and Reconnaissance in Network Security

suri
Understanding the Vulnerability Index for Small Island Developing States

Understanding the Vulnerability Index for Small Island Developing States

evander
Evolution of CT Scan Technology and Terminology

Evolution of CT Scan Technology and Terminology

madiha
Understanding Vulnerability: Meaning, Types, and Factors affecting Vulnerability

Understanding Vulnerability: Meaning, Types, and Factors affecting Vulnerability

james_cameo
Enhancing Cybersecurity with Bluedog VAPT Services

Enhancing Cybersecurity with Bluedog VAPT Services

rosanna
Disaster Recovery and Incident Response Concepts

Disaster Recovery and Incident Response Concepts

till
Leveraging Artifact Dependency Graphs for Software Vulnerability Detection

Leveraging Artifact Dependency Graphs for Software Vulnerability Detection

eithne
Coastal Vulnerability Assessment of Curacao, Netherlands Antilles

Coastal Vulnerability Assessment of Curacao, Netherlands Antilles

leir320
Improve Your Reading Skills: Scanning and Skimming Techniques

Improve Your Reading Skills: Scanning and Skimming Techniques

yanis
Effective Reading Strategies: Skimming and Scanning Techniques

Effective Reading Strategies: Skimming and Scanning Techniques

aamina
Environmental Scanning Tool for Strategic Workforce Planning Cycle

Environmental Scanning Tool for Strategic Workforce Planning Cycle

elsierose
Implementing Barcode Scanning to Reduce Dispensing Errors in Pharmacy

Implementing Barcode Scanning to Reduce Dispensing Errors in Pharmacy

aurelius
Developing Monitoring Tools for Programmatic Oversight

Developing Monitoring Tools for Programmatic Oversight

zdild
Understanding Flow Monitoring in OVS for Efficient Network Management

Understanding Flow Monitoring in OVS for Efficient Network Management

andreea
Understanding Telecom Security Testing: Vulnerability Assessment & Remediation

Understanding Telecom Security Testing: Vulnerability Assessment & Remediation

mia
Understanding the Vulnerability of Large Graphs in Network Analysis

Understanding the Vulnerability of Large Graphs in Network Analysis

ramseyb
Network Slicing with OAI 5G CN Workshop Overview

Network Slicing with OAI 5G CN Workshop Overview

justice
NIMH Clinical Research Education and Monitoring Program Overview

NIMH Clinical Research Education and Monitoring Program Overview

eyad
Importance of Field Monitoring in Adventure Activities

Importance of Field Monitoring in Adventure Activities

alawr
Effective Monitoring Practices for Federal Programs in Education

Effective Monitoring Practices for Federal Programs in Education

marah
Unpredictable Arctic Monitoring Framework for Extreme Event Integration

Unpredictable Arctic Monitoring Framework for Extreme Event Integration

tre_ki
Continuous Monitoring of Water Quality in Little Bear River

Continuous Monitoring of Water Quality in Little Bear River

mjes
Metamodel-based Photovoltaic Monitoring System for Renewable Energies at Hongik University

Metamodel-based Photovoltaic Monitoring System for Renewable Energies at Hongik University

myfanwy
Understanding Risk Management in Environmental Geography and Disaster Management

Understanding Risk Management in Environmental Geography and Disaster Management

duke

More Related Content

Comprehensive Guide to Vulnerability Mapping in Election Planning
Comprehensive Guide to Vulnerability Mapping in Election Planning
Understanding Vulnerability and Capacity Issues in Civil Courts
Understanding Vulnerability and Capacity Issues in Civil Courts
Vulnerability Mapping (VM).Guidance Plan
Vulnerability Mapping (VM).Guidance Plan
Economic Vulnerability Premium for SIDS - Webinar Insights
Economic Vulnerability Premium for SIDS - Webinar Insights
Understanding Snort: An Open-Source Network Intrusion Detection System
Understanding Snort: An Open-Source Network Intrusion Detection System
Passive Attacks and Reconnaissance using NMAP for Network Scanning
Passive Attacks and Reconnaissance using NMAP for Network Scanning
Network Traffic Analysis with Wireshark: Examples and Techniques
Network Traffic Analysis with Wireshark: Examples and Techniques
Advancements in Online Saw Monitoring for Wood Industry 4.0
Advancements in Online Saw Monitoring for Wood Industry 4.0
Network Compression Techniques: Overview and Practical Issues
Network Compression Techniques: Overview and Practical Issues
Framework for Building National Forest Monitoring Systems for REDD+
Framework for Building National Forest Monitoring Systems for REDD+
Rethinking Network Monitoring: A Journey from Troubleshooting to Automation
Rethinking Network Monitoring: A Journey from Troubleshooting to Automation
Transportation Network Modeling and Analysis with C.Coupled SE Platform
Transportation Network Modeling and Analysis with C.Coupled SE Platform
Understanding Security Onion: Network Security Monitoring Tools
Understanding Security Onion: Network Security Monitoring Tools
Understanding Breast Ultrasound: Anatomy, Patient Preparation, and Scanning Protocol
Understanding Breast Ultrasound: Anatomy, Patient Preparation, and Scanning Protocol
Understanding Functional Skills: Text Analysis and Application
Understanding Functional Skills: Text Analysis and Application
Modeling and Generation of Realistic Network Activity Using Non-Negative Matrix Factorization
Modeling and Generation of Realistic Network Activity Using Non-Negative Matrix Factorization
Understanding Scanning in Thin Clients, RDP, and Citrix Environments
Understanding Scanning in Thin Clients, RDP, and Citrix Environments
Non Coronary Vascular Stents
Non Coronary Vascular Stents
Environmental Scanning Techniques for Business Adaptation
Environmental Scanning Techniques for Business Adaptation
Understanding the Array Scanning Method in Electromagnetics
Understanding the Array Scanning Method in Electromagnetics
Food for Peace Monitoring and Evaluation Workshop Overview
Food for Peace Monitoring and Evaluation Workshop Overview
The Drought Toolbox and Satellite Technology Overview
The Drought Toolbox and Satellite Technology Overview
Autism and Developmental Disabilities Monitoring Network 2020 Surveillance Summaries
Autism and Developmental Disabilities Monitoring Network 2020 Surveillance Summaries
Overview of Policy Service Node (PSN) Architecture
Overview of Policy Service Node (PSN) Architecture