Notes for USENIX Security Students

In a few hours I will be teaching Network Security Monitoring with Open Source Tools at USENIX Security in Baltimore, MD. I have two items of interest for my students concerning their slides.

First, the default Tethereal ring buffer syntax has changed. My first book, and the Tethereal slide, use this syntax:

tethereal -n -i -s -a duration:3600 -b 24 -w

The new syntax requires a filesize whenever -b (ring buffer mode) is invoked, like so:

tethereal -n -i -s -a filesize:1000000 -a duration:3600 -b 24 -w

Also, there is a slide missing before the Trafshow screen shot. It should look like this.
