Main Page

From MetaFlows User Manual

  1. The MetaFlows Security System
    1. Introduction
    2. Architecture
      1. Sensors
      2. Controller
    3. Appliances
    4. Sensor Software
      1. Multiple Session Analysis
      2. Soft IPS
      3. SIEM Import Export
      4. Sensor System (MSS)
      5. File Transmission Logging and Network Antivirus
      6. Full Packet Capture and File Carving
      7. SaaS Malware Detection
  2. MetaFlows Sensor System (MSS)
  3. System Requirements
    1. Browser
    2. Sensor Hardware and Software
    3. Interface Bonding
    4. Sensor Networking
  4. Sensor Setup
    1. Registering With MetaFlows
    2. Adding A Sensor
    3. Adding Sensor (Advanced)
  5. Sensor Install
    1. Downloading Sensor Image
    2. Linux Sensor Installation Procedures
    3. VMWare Sensor Installation Procedures
      1. Configure Share Folders
      2. VMWare Preferences
      3. Closing VMWare Player
      4. Virtual Machine Sensor Management
      5. Sensor System (MSS)
  6. Browser Setup
    1. Sensor Connection Window
      1. Sensor Connection Status
      2. Sensor Status Lights
  7. Main Menu
  8. Account Management
    1. Preferences
    2. Subscription
    3. Contact Information
  9. Sensor Management
    1. Add Sensors
    2. View Sensors
    3. Edit Sensors
    4. Share Sensors
  10. Historical Reports
    1. Loading Bar
    2. Historical Report Columns and Data
    3. Feedback
    4. Coloring
    5. Historical Report Options
  11. Real-Time Event View
    1. Real-Time Event View Columns
    2. Real-Time Data Management
  12. Event Graphs
  13. Log Management
  14. Event Classification
    1. Creating a Classification
      1. Classification Category
      2. Classification Name
      3. Classification Action
        1. Delete
        2. Change Rank
        3. Email
        4. Block
        5. Classify
        6. Disable Class
      4. Other Details
    2. Viewing Classes
    3. Class Access and Legends
  15. Forensic Tools
    1. Summary Forensic Tools
    2. Flow Detail Forensic Tools
      1. Escalate Flow
      2. Get Service
      3. Packet Data (tcpflow)
      4. Packet Data (tcpdump)
      5. Lookup Server/Client Port
      6. Server/Client Historical Reports
  16. Rules Management Interface
    1. Entering the Rules Management Interface
    2. Selecting a Sensor
    3. Sensor Rules Controls
    4. Updating Your Rules File
    5. Rule File List
    6. Rule Listings Per File
    7. Rule Context Menu
    8. Manual Rule Editor and Rule Info
    9. Edited Rule Color Coding
    10. Tuning a Rule
    11. Relevant Snort Rules Links
  17. Correlation Engine Rules
    1. Introduction
    2. In Practice
    3. CER Full Specification
      1. Actions
        1. Match
        2. Block
        3. Email
        4. Ignore
        5. Rank
        6. Trackint and Trackext
      2. <cond> and <rpc>
      3. Description of Specifications
        1. Field
        2. Op
        3. Value
      4. Examples
        1. Simple Matches: No Preconditions
        2. One Precondition: Multiple Triggers and Multiple Actions
        3. One Precondition and A Pure Flow Match
  18. Amazon Web Services (AWS) Setup
    1. MetaFlows Sensor as a Collector / Agent Model
      1. Introduction/Notes
      2. Install and Start the Collector Software
      3. Configure the Sensor
      4. Add Linux or Windows Agents
        1. Linux Agents:
        2. Windows Agents:
    2. MetaFlows Security Gateway on Amazon EC2
      1. Architecture
      2. Setup Instructions
        1. Launch a VPC
        2. Create Subnets
        3. Setup the NAT Gateway
        4. Add Additional IP Addresses
        5. Setup the Routing Tables
        6. Launch the EC2 Instances
        7. Add Port Forwarding Rules
  19. MetaFlows Honeypots
    1. Overview
    2. Types of Honeypots
      1. Windows Server
      2. Windows Client
      3. CentOS Linux Server
      4. Ubuntu Metasploitable Server
    3. Requirements
    4. Adding a Sensor to the Honeypot
    5. Preparing the Host System
    6. Additional Notes
      1. Complications
      2. If Traffic Is Not Reaching the Honeypot
      3. Viewing the Honeypot as a Guest
      4. Modifying the Honeypot VMware Image
