Security Onion Training - How to Detect DNS fast fluxing domains

Detecting DNS Fast Fluxing Domains

Fast Flux is a technique that hides and conceals the real identity of the attacker by circulating through different and ever changing number of IP addresses.

In this video walkthrough, we used Snort and Sguil installed in Security Onion to lay down a practical example on detecting DNS fast fluxing domains.

This video was part of the Cisco CyberOps Certificate.

How to detect Malwares in your Network with Snort

How to detect Advanced persistent Threat

You will learn how to investigate the presence of an APT in your network using security onion and by correlating events and alerts through different frameworks. Network intrusion analysis and security operations.

How to use snort IDS and Sguil in Security Onion

Blue Team, IDS, Security onion, Snort

Show Comments

Motasem

About the Author

Cybersecurity Trainer MS in Cybersecurity Expertise in Healthcare and Finance Industries Penetration tester and compliance auditor

View Articles

аджарабет казино армения on Windows Persistence Techniques P4 | Scheduled Tasks | TryHackMeApril 23, 2023
Thank you very much for the information
gate io on Influx Database and Docker Exploitation | TryHackMe Sweettooth IncApril 22, 2023
Your article helped me a lot, is there any more related content? Thanks!
fast loto kod almaq on Advertising Methods on FacebookApril 21, 2023
Thank you for the information
Motasem on How To Use FireEye RedLine For Incident Response | TryHackMe RedLineNovember 11, 2021
I am planning to go over it soon.
VINAYAK AGRAWAL on How To Use FireEye RedLine For Incident Response | TryHackMe RedLineNovember 9, 2021
Hey, did you complete task 6 ?

Press ESC to close

Leave a Reply Cancel reply

Motasem

About the Author

Share Article:

You might also like

HackTheBox Forest Walkthrough

HackTheBox Bastion Walkthrough

HackTheBox Access Walkthrough