Python Based Netflow Collector

Recently, I have been wanting to start another programming project in Python. I also wanted to play around with Cisco’s Netflow implementation. So I built my own flow collector in Python for educational purposes. For now it’s limited to version 5, but I’m planning to add additional updates to include v9 and IPFIX, which …

 

VXLANs Overview

As virtualization grows, driven by the “cloud revolution”, existing network technologies aren’t sufficient to support the growth. Advanced virtualization features are causing layer 2 boundaries to expand, which isn’t scalable in current datacenter networks. In a multi-tenant environment, multiple internal and external customers require multiple overlapping subnets, which further complicates the problem of network configuration …

 

SNORT – Content Modifier – Offset

In the last post, I explained how the content keyword is used to detect a pattern within the payload of a packet. There are numerous modifiers that can be used in conjunction with the keyword to modify pattern matching behaviours. In this post, we will discuss the Offset keyword. Offset indicates the starting byte for pattern matching. …

 

SNORT – content matching

I have been playing around with SNORT lately. One of the key features of SNORT is detecting a specific pattern encapsulated within the payload of a packet. The content keyword is used to perform pattern matching within the payload. The pattern to be matched is specified as a parameter of the keyword, either in string format or …