BSD/Linux

NfSen Net Flow Sensor

Submitted by dlikaris on Tue, 03/13/2012 - 13:29

NfSen is a graphical web based front end for the nfdump netflow tools.

NfSen allows you to:

Display your netflow data: Flows, Packets and Bytes using RRD (Round Robin Database).

Easily navigate through the netflow data.

Process the netflow data within the specified time span.

Create history as well as continuous profiles.

Set alerts, based on various conditions.

Write your own plugins to process netflow data on a regular interval.

• Read more

MSIA 672 Resources

Submitted by dlikaris on Mon, 10/24/2011 - 13:29

MSIA 672 Managing a Secure Enterprise Whitman Book chapter powerpoints (ppt)

Click on the file to download the individual ppt for the chapter

Image: 

• 12 attachments

Basic Protocol Analysis Lab

Submitted by vgarramone on Fri, 08/27/2010 - 16:47

This lesson is used in the Network Forensics course at Regis University. It consists of three activities designed to acquaint the student with various network protocols using the tcpdump (http://www.tcpdump.org), wireshark (http://www.wireshark.org), and netdude (http://netdude.sourceforge.net/) programs on seven small packet capture files.

Activities 1 and 2 help the student get comfortable using tcpdump and to become familiar with its filtering options.

Activity 3 asks students to identify the protocols being used at various OSI model layers in each pcap file.

Image: 

• 1 attachment

VISE RC4 Cipher Applet

Submitted by vgarramone on Sun, 05/23/2010 - 13:04

This applet demonstrates the RC4 stream cipher, which is used in many applications, including the SSL that protects secure web pages (HTTPS). Includes suggested exercise and explanatory text.

VISE RC4 Distribution Applet

Submitted by vgarramone on Sun, 05/23/2010 - 13:01

In RC4, the first 256 steps use the key to perform a transposition on an array of the bytes from 0 to 255. Ideally, a random key should result in a random distribution. However, the resulting distribution is far from random. This applet is running RC4 many times with different, random, 16-byte keys, and gives various statistics of transposition results.

VISE RSA Cipher Applet

Submitted by vgarramone on Fri, 05/21/2010 - 11:01

This applet helps students to visualize the randomness of data encoded using the RSA algorithm.

VISE Database Inference Applet

Submitted by vgarramone on Fri, 05/21/2010 - 10:00

This applet shows a simple database that attempts to prevent users from querying sensitive information, in this case salaries by name. The only queries allowed are a list of names based on selected values for fields, and average salaries for the selected criteria. However, by structuring queries in a certain manner, sensitive information can be inferred from the results.

Exercises are conceptual, and do not require programming/SQL knowledge.

VISE Substitution Cipher Applet

Submitted by vgarramone on Fri, 05/21/2010 - 00:10

This applet provides students with several tools to visually explore the substitution cipher and ways to decipher the code.

Both letter and digram frequency can be used to decode a secret message, and are given as graphs. A suggested experiment and explanatory text are also given.

VISE Shift Cipher Applet

Submitted by vgarramone on Fri, 05/21/2010 - 00:04

This applet shows how the simple shift cipher works, and provides a visual mechanism to explore breaking the cipher using letter frequency in the ciphertext.

This resource includes a suggested activity and explanatory text.

VISE Affine Cipher Applet

Submitted by vgarramone on Thu, 05/20/2010 - 23:45

This resource consists of a Java applet that allows students to visually explore how the Affine cipher works, and effective methods of breaking it.

Currently, there are two suggested experiments, a mathematical description of the Affine cipher, and explanatory text for major components of the applet.