Network Monitoring and Vulnerability Scanning Overview

Slide Note
Embed
Share

Kashif Mohammad from the Department of Physics at the University of Oxford provides insights into their setup involving ZEEK, ELK Monitoring, and OpenVas for network monitoring and vulnerability scanning. The team aims to enhance network security through structured classification of nodes based on types, ownership structures, and data sensitivity levels.

hadiya
hadiya Follow

Uploaded on Jul 29, 2024 | 1 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. Site Report Site Report Kashif Mohammad Department of Physics University of Oxford

  2. ZEEK and ELK Small setup of ZEEK and ELK Monitoring Grid Services through ZEEK But not much interesting data Plan to monitor Physics department network Waiting for network restructure Installed a MISP instance and long term plan is to integrate with ZEEK

  3. ZEEK + ELK Setup Switch Mirror Ports VMs ES Kib LS FB Beat Zeek oVirt Host ELK Bro Server

  4. OpenVas Running OpenVas for Vulnerability Scanning Installed on top of Kali Linux Mostly worked out of box We have quite a few vlans and subnets so scanning across network range takes too much time So running `nmap sn <ip-range>` first and then feeding that list as input for openvas scan. Much better

  5. OpenVas OpenVas Quite satisfy with the tool Completely free Active mailing list Reporting is not very intuitive and can be difficult to navigate 100 page PDF reports Fair number of false positives Can be unstable Problem might be at my end

  6. What We Want What We Want Classify nodes on basis of types Servers, Desktop, DAQ, Switches, Network attached devices Classify on basis of ownership structures Sub-department, web admin, desktop admin Classify on basis of data sensitivity Status over the time

Related


Passive Attacks and Reconnaissance in Network Security

Passive Attacks and Reconnaissance in Network Security

suri
Understanding the Vulnerability Index for Small Island Developing States

Understanding the Vulnerability Index for Small Island Developing States

evander
Evolution of CT Scan Technology and Terminology

Evolution of CT Scan Technology and Terminology

madiha
Understanding Vulnerability: Meaning, Types, and Factors affecting Vulnerability

Understanding Vulnerability: Meaning, Types, and Factors affecting Vulnerability

james_cameo
Enhancing Cybersecurity with Bluedog VAPT Services

Enhancing Cybersecurity with Bluedog VAPT Services

rosanna
Enhancing Network Stability with Network Monitoring Systems

Enhancing Network Stability with Network Monitoring Systems

rosa_735
Disaster Recovery and Incident Response Concepts

Disaster Recovery and Incident Response Concepts

till
Leveraging Artifact Dependency Graphs for Software Vulnerability Detection

Leveraging Artifact Dependency Graphs for Software Vulnerability Detection

eithne
Cybersecurity Footprinting and Scanning Techniques

Cybersecurity Footprinting and Scanning Techniques

ism_v
Coastal Vulnerability Assessment of Curacao, Netherlands Antilles

Coastal Vulnerability Assessment of Curacao, Netherlands Antilles

leir320
Understanding Vulnerability in Research Populations

Understanding Vulnerability in Research Populations

eliahsgu
Different Reading Techniques: Skimming and Scanning Explained

Different Reading Techniques: Skimming and Scanning Explained

aze_bl
Improve Your Reading Skills: Scanning and Skimming Techniques

Improve Your Reading Skills: Scanning and Skimming Techniques

yanis
Effective Reading Strategies: Skimming and Scanning Techniques

Effective Reading Strategies: Skimming and Scanning Techniques

aamina
Exploring Atomic Dimensions: Scanning Probe Microscopy

Exploring Atomic Dimensions: Scanning Probe Microscopy

tril
Environmental Scanning Tool for Strategic Workforce Planning Cycle

Environmental Scanning Tool for Strategic Workforce Planning Cycle

elsierose
Implementing Barcode Scanning to Reduce Dispensing Errors in Pharmacy

Implementing Barcode Scanning to Reduce Dispensing Errors in Pharmacy

aurelius
Developing Monitoring Tools for Programmatic Oversight

Developing Monitoring Tools for Programmatic Oversight

zdild
Understanding Flow Monitoring in OVS for Efficient Network Management

Understanding Flow Monitoring in OVS for Efficient Network Management

andreea
Understanding Telecom Security Testing: Vulnerability Assessment & Remediation

Understanding Telecom Security Testing: Vulnerability Assessment & Remediation

mia
NIMH Clinical Research Education and Monitoring Program Overview

NIMH Clinical Research Education and Monitoring Program Overview

eyad
Understanding the Vulnerability of Large Graphs in Network Analysis

Understanding the Vulnerability of Large Graphs in Network Analysis

ramseyb
Importance of Field Monitoring in Adventure Activities

Importance of Field Monitoring in Adventure Activities

alawr
Effective Monitoring Practices for Federal Programs in Education

Effective Monitoring Practices for Federal Programs in Education

marah

More Related Content