NetFlow

19 February 2014 at 9:35am

Conficker monitoring

James Davis
conficker
malware
NetFlow
infosec
We've disabled our monitoring of netflow feeds for W32/Conficker/Downadup infections. Given the decreasing number of vulnerable systems, the wide awareness of this issue and the low threat posed by the malware we've decided it was no longer worth the effort and resources to maintain a system that was generating a handful of alerts each day. Our reports of infections will continue, but they'll only be sourced from data sent to us by third parties such as Shadowserver.
Read more

Janet CSIRT use of NetFlow data

Anonymous
Monday, February 13, 2012 - 20:09
CSIRT
NetFlow
advice
data
incident response
security
usage
Janet processes netflow data collected on various routers within the Janet network. This netflow data is used in planning, network operations, research and security incident response, and is considered necessary to effectively complete some of the tasks involved in these areas.
Read more
Subscribe to NetFlow