How to Conduct a Network Security Investigation (Part 5): Analyze Fanout Charts and Buffer Overflows





The interactive transcript could not be loaded.



Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Nov 18, 2012

http://www.clicksecurity.com -- Vicky Irwin, Lead of the Module Development Team at Click Security explains how fanout charts can assist with the understanding of buffer overflows.

Earlier, we discussed how the anomaly information tells us that host A attacked host B. But what else is going on with host A? What else is going on with host B?

The fanout charts allowed the analysts to pursue the investigation very deep into the network.

After going only two or three layers into the fanout charts, they soon found out that there were connections between the different attackers, with each sourcing SMB buffer overflows at exactly the same time. By starting with one buffer overflow and using the fanout charts, the analysts were able to see that three of the attackers were definitely related and highly coordinated in the attacks.

If you are a Security Analyst who wants to be empowered by the real-time security analytics, data processing, encoding and intelligence sharing solutions by Click Security; Call (512) 637-8500 today and talk to one of our Network Security experts or,

Visit our website at http://www.clicksecurity.com for more information about Network Security solutions at Click Security. (clicksecurityprotects)

3 out of 4 Analysts on YouTube probably want to watch related videos from Click Security:



When autoplay is enabled, a suggested video will automatically play next.

Up next

to add this to Watch Later

Add to

Loading playlists...