Security Onion Training

Detecting DNS Fast Fluxing Domains

Fast Flux is a technique that hides and conceals the real identity of the attacker by circulating through different and ever changing number of IP addresses.

In this video walkthrough, we used Snort and Sguil installed in Security Onion to lay down a practical example on detecting DNS fast fluxing domains.

This video was part of the Cisco CyberOps Certificate.

Get Blue Team Notes

How to detect Malwares in your Network with Snort

How to detect Advanced persistent Threat

You will learn how to investigate the presence of an APT in your network using security onion and by correlating events and alerts through different frameworks. Network intrusion analysis and security operations.

How to use snort IDS and Sguil in Security Onion

Blue Team, IDS, Security onion, Snort

Show Comments

Motasem

About the Author

I create cybersecurity notes, digital marketing notes and online courses. I also provide digital marketing consulting including but not limited to SEO, Google & Meta ads and CRM administration.

View Articles

Press ESC to close

Leave a Reply Cancel reply

Motasem

About the Author

Share Article:

You might also like

Open Source Intelligence Reddit Case Study | TryHackMe Advent of Cyber

Open Source Intelligence Tools & Techniques Explained With Case Studies

WordPress XXE Vulnerability | CVE-2021-29447 TryHackMe