SlideShare a Scribd company logo

Itet2 its counter recon

M
Morten Nielsen

This document discusses the importance of counter reconnaissance and log analysis to detect and prevent security threats. It recommends logging large amounts of system and network activity daily, centralizing logs for easier analysis, and using log analyzers and intrusion detection software to mine logs for anomalies or attacks. Examples provided demonstrate analyzing Linux and firewall logs, as well as using security information and event management tools to correlate events across systems.

Technology
1 of 9
Downloaded 12 times
1
2
3
4
5
6
7
8
9
Counter reconnaissance
Basic profile Reconnaissance Open sources
“Internal” and other privileged sources Attack DoS
Intrusion
Counter reconnaissance Purpose Know that they are looking, before they break in. Result of good counter reconnaissance Determine methodology
Gather evidence
Prevention
Supply false information
Log, logs, logs, logs Huge amounts of information. Use it! (Daily?)

More Related Content

PDF
Windows Threat Hunting
GIBIN JOHN
 
PDF
Sophos intercept-x
Merrymary Tom
 
PPTX
Hunting before a Known Incident
EndgameInc
 
PPTX
Ready set hack
GDSCBVCOENM
 
PDF
PHDays 2018 Threat Hunting Hands-On Lab
Teymur Kheirkhabarov
 
PPTX
Intrusion detection using data mining
balbeerrawat
 
ODP
Itt2 its introduction
Morten Nielsen
 
ODP
Itet2 its authorative sources
Morten Nielsen
 
Windows Threat Hunting
GIBIN JOHN
 
Sophos intercept-x
Merrymary Tom
 
Hunting before a Known Incident
EndgameInc
 
Ready set hack
GDSCBVCOENM
 
PHDays 2018 Threat Hunting Hands-On Lab
Teymur Kheirkhabarov
 
Intrusion detection using data mining
balbeerrawat
 
Itt2 its introduction
Morten Nielsen
 
Itet2 its authorative sources
Morten Nielsen
 

Viewers also liked (13)

ODP
Itt3 its acl
Morten Nielsen
 
ODP
Itet3 its forensics
Morten Nielsen
 
ODP
ITET3 ITS governance
Morten Nielsen
 
ODP
ITET1 Routing Application layer.odp
Morten Nielsen
 
ODP
Its presentation
Morten Nielsen
 
ODP
ITET3 Networking P2P
Morten Nielsen
 
ODP
Routing vlans
Morten Nielsen
 
PDF
Itt2 its ssl and services
Morten Nielsen
 
ODP
Diagram cookbook
Morten Nielsen
 
PDF
Itt1 intro knowing and doing
Morten Nielsen
 
PDF
Itt1 intro project management
Morten Nielsen
 
ODP
Itt3 virtual machines
Morten Nielsen
 
ODP
ITET1 Routing Transport layer.odp
Morten Nielsen
 
Itt3 its acl
Morten Nielsen
 
Itet3 its forensics
Morten Nielsen
 
ITET3 ITS governance
Morten Nielsen
 
ITET1 Routing Application layer.odp
Morten Nielsen
 
Its presentation
Morten Nielsen
 
ITET3 Networking P2P
Morten Nielsen
 
Routing vlans
Morten Nielsen
 
Itt2 its ssl and services
Morten Nielsen
 
Diagram cookbook
Morten Nielsen
 
Itt1 intro knowing and doing
Morten Nielsen
 
Itt1 intro project management
Morten Nielsen
 
Itt3 virtual machines
Morten Nielsen
 
ITET1 Routing Transport layer.odp
Morten Nielsen
 
Ad

Similar to Itet2 its counter recon (20)

DOCX
UMUC Monitoring, Auditing, Intrusion Detection, Intrusion Prev.docx
willcoxjanay
 
PPTX
Cyber Security Project : Comprehensive Vulnerability Analysis Report.pptx
Boston Institute of Analytics
 
PPTX
Tools and Methods of Reconnaissance in Cybersecurity: A Comprehensive Guide b...
Boston Institute of Analytics
 
PDF
CONFidence 2017: Hackers vs SOC - 12 hours to break in, 250 days to detect (G...
PROIDEA
 
PDF
OSINT for Attack and Defense
Andrew McNicol
 
PPTX
The basics of hacking and penetration testing 이제 시작이야 해킹과 침투 테스트 kenneth.s.kwon
Kenneth Kwon
 
ODP
Unlock Security Insight from Machine Data
Narudom Roongsiriwong, CISSP
 
PPTX
Reconnaissance
n|u - The Open Security Community
 
PPTX
Cyber Security Project Presentation: Unveiling Reconnaissance Tools and Techn...
Boston Institute of Analytics
 
PPTX
Data Security Solutions @ISACA LV Chapter Meeting 15.05.2013 SIEM based …
Andris Soroka
 
PPTX
How to Leverage Log Data for Effective Threat Detection
AlienVault
 
PPTX
2. Footprinting and scanning and its sequence.pptx
RohitAhuja58
 
PPT
Hacking Fundamentals - Jen Johnson , Miria Grunick
amiable_indian
 
PPTX
Cyber Security Project Presentation : Essential Reconnaissance Tools and Tech...
Boston Institute of Analytics
 
PDF
Wc4
Said Wali
 
DOCX
Sessiontask1_PASSIVE_RECONNAISSANCE.docx
TESTERGUY1
 
PPT
How hackers attack networks
Adeel Javaid
 
PPTX
Basic ethical hacking and cyber security
Faysal Ahmed
 
PPT
Log Mining: Beyond Log Analysis
Anton Chuvakin
 
PPTX
SpiceWorks Webinar: Whose logs, what logs, why logs
AlienVault
 
UMUC Monitoring, Auditing, Intrusion Detection, Intrusion Prev.docx
willcoxjanay
 
Cyber Security Project : Comprehensive Vulnerability Analysis Report.pptx
Boston Institute of Analytics
 
Tools and Methods of Reconnaissance in Cybersecurity: A Comprehensive Guide b...
Boston Institute of Analytics
 
CONFidence 2017: Hackers vs SOC - 12 hours to break in, 250 days to detect (G...
PROIDEA
 
OSINT for Attack and Defense
Andrew McNicol
 
The basics of hacking and penetration testing 이제 시작이야 해킹과 침투 테스트 kenneth.s.kwon
Kenneth Kwon
 
Unlock Security Insight from Machine Data
Narudom Roongsiriwong, CISSP
 
Reconnaissance
n|u - The Open Security Community
 
Cyber Security Project Presentation: Unveiling Reconnaissance Tools and Techn...
Boston Institute of Analytics
 
Data Security Solutions @ISACA LV Chapter Meeting 15.05.2013 SIEM based …
Andris Soroka
 
How to Leverage Log Data for Effective Threat Detection
AlienVault
 
2. Footprinting and scanning and its sequence.pptx
RohitAhuja58
 
Hacking Fundamentals - Jen Johnson , Miria Grunick
amiable_indian
 
Cyber Security Project Presentation : Essential Reconnaissance Tools and Tech...
Boston Institute of Analytics
 
Wc4
Said Wali
 
Sessiontask1_PASSIVE_RECONNAISSANCE.docx
TESTERGUY1
 
How hackers attack networks
Adeel Javaid
 
Basic ethical hacking and cyber security
Faysal Ahmed
 
Log Mining: Beyond Log Analysis
Anton Chuvakin
 
SpiceWorks Webinar: Whose logs, what logs, why logs
AlienVault
 
Ad

More from Morten Nielsen (9)

PDF
Itt2 its pki and certificates
Morten Nielsen
 
ODP
Itt2 its ids
Morten Nielsen
 
ODP
Itt2 its encrypted storage
Morten Nielsen
 
PDF
Itt2 its introduction
Morten Nielsen
 
ODP
Itt1 sd requirements
Morten Nielsen
 
ODP
Itt1 sd uml and oo
Morten Nielsen
 
ODP
Itt3 its social engineering
Morten Nielsen
 
ODP
Itet2 its social engineering
Morten Nielsen
 
ODP
Itet2 its anatomy
Morten Nielsen
 
Itt2 its pki and certificates
Morten Nielsen
 
Itt2 its ids
Morten Nielsen
 
Itt2 its encrypted storage
Morten Nielsen
 
Itt2 its introduction
Morten Nielsen
 
Itt1 sd requirements
Morten Nielsen
 
Itt1 sd uml and oo
Morten Nielsen
 
Itt3 its social engineering
Morten Nielsen
 
Itet2 its social engineering
Morten Nielsen
 
Itet2 its anatomy
Morten Nielsen
 

Recently uploaded (20)

PDF
Microsoft Solutions Partner Drive Digital Transformation with D365.pdf
Microsoft Dynamics
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PDF
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
PDF
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
PDF
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
PDF
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
PDF
Web App vs Mobile App What Should You Build First.pdf
KodekX
 
PDF
Accuracy of neural networks in brain wave diagnosis of schizophrenia
IAESIJAI
 
PPTX
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
PDF
Heart disease approach using modified random forest and particle swarm optimi...
IAESIJAI
 
PDF
From MVP to Full-Scale Product A Startup’s Software Journey.pdf
KodekX
 
PPTX
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 
PDF
DASA ADMISSION 2024_FirstRound_FirstRank_LastRank.pdf
rameswartudu05
 
PDF
Getting Started with Data Integration: FME Form 101
Safe Software
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
PDF
ENT215_Completing-a-large-scale-migration-and-modernization-with-AWS.pdf
ssuser28425f
 
PDF
A comparative analysis of optical character recognition models for extracting...
IAESIJAI
 
Microsoft Solutions Partner Drive Digital Transformation with D365.pdf
Microsoft Dynamics
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
A comparative study of natural language inference in Swahili using monolingua...
IAESIJAI
 
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
Web App vs Mobile App What Should You Build First.pdf
KodekX
 
Accuracy of neural networks in brain wave diagnosis of schizophrenia
IAESIJAI
 
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
Heart disease approach using modified random forest and particle swarm optimi...
IAESIJAI
 
From MVP to Full-Scale Product A Startup’s Software Journey.pdf
KodekX
 
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 
DASA ADMISSION 2024_FirstRound_FirstRank_LastRank.pdf
rameswartudu05
 
Getting Started with Data Integration: FME Form 101
Safe Software
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Assigned Numbers - 2025 - Bluetooth® Document
Bloombase
 
ENT215_Completing-a-large-scale-migration-and-modernization-with-AWS.pdf
ssuser28425f
 
A comparative analysis of optical character recognition models for extracting...
IAESIJAI
 

Itet2 its counter recon