https://lhs.inria.fr/tags/monitoring/index.html Recent content in Monitoring on Laboratoire de Haute Sécurité Hugo -- gohugo.io en-us frederic.beck@inria.fr (Frederic Beck) frederic.beck@inria.fr (Frederic Beck) Thu, 06 Jun 2024 00:00:00 +0000 https://lhs.inria.fr/datasets/darknet/index.html Thu, 06 Jun 2024 00:00:00 +0000frederic.beck@inria.fr (Frederic Beck) https://lhs.inria.fr/datasets/darknet/index.html <link href="../css/tile.css" rel="stylesheet"> <link href="../../css/tile.css" rel="stylesheet"> <span class="badge cstyle info"> <span class="badge-title"><i class="fas fa-tag"></i></span> <span class="badge-content" style="background-color: #048B9A;"><a style="color:#FFFFFF;" href="../../tags/internet">Internet</a></span> </span> <span class="badge cstyle info"> <span class="badge-title"><i class="fas fa-tag"></i></span> <span class="badge-content" style="background-color: #048B9A;"><a style="color:#FFFFFF;" href="../../tags/monitoring">Monitoring</a></span> </span> <span class="badge cstyle info"> <span class="badge-title"><i class="fas fa-tag"></i></span> <span class="badge-content" style="background-color: #048B9A;"><a style="color:#FFFFFF;" href="../../tags/passive-listening">Passive listening</a></span> </span> <span class="badge cstyle info"> <span class="badge-title"><i class="fas fa-tag"></i></span> <span class="badge-content" style="background-color: #048B9A;"><a style="color:#FFFFFF;" href="../../tags/pcap">PCAP</a></span> </span> <span class="badge cstyle info"> <span class="badge-title"><i class="fas fa-tag"></i></span> <span class="badge-content" style="background-color: #048B9A;"><a style="color:#FFFFFF;" href="../../tags/csv">CSV</a></span> </span> <br> <center> <div style='width:500px; margin-bottom:25px; margin-top:25px;'> <img class="resizableImage" src="../images/darknet01.png" style="width:''" alt="Darknet"/> </div> </center> <h1>Darknet</h1> <p> Monitoring unused address space, or Darknet, consist in capturing all traffic towards a set of ip adresses directly connected to Internet, without any active computer connected. All inbound traffic is unsolicited. </p> <p> Thanks to our Darknet using 4096 contiguous public IP addresses, we can mesure networks attack on internet in real time, and especially large scale phenomena such as Internet wide port scanning, DDoS backscatter or DNS amplification attempts. </p> https://lhs.inria.fr/platforms/darknet/index.html Wed, 05 Jun 2024 00:00:00 +0000frederic.beck@inria.fr (Frederic Beck) https://lhs.inria.fr/platforms/darknet/index.html <link href="../css/tile.css" rel="stylesheet"> <link href="../../css/tile.css" rel="stylesheet"> <span class="badge cstyle info"> <span class="badge-title"><i class="fas fa-tag"></i></span> <span class="badge-content" style="background-color: #048B9A;"><a style="color:#FFFFFF;" href="../../tags/internet">Internet</a></span> </span> <span class="badge cstyle info"> <span class="badge-title"><i class="fas fa-tag"></i></span> <span class="badge-content" style="background-color: #048B9A;"><a style="color:#FFFFFF;" href="../../tags/monitoring">Monitoring</a></span> </span> <span class="badge cstyle info"> <span class="badge-title"><i class="fas fa-tag"></i></span> <span class="badge-content" style="background-color: #048B9A;"><a style="color:#FFFFFF;" href="../../tags/passive-listening">Passive listening</a></span> </span> <br> <center> <div style='width:500px; margin-bottom:25px; margin-top:25px;'> <img class="resizableImage" src="../images/darknet01.png" style="width:''" alt="Darknet"/> </div> </center> <h1>Passive Internet monitoring</h1> <p> Monitoring unused address space, or Darknet, consist in capturing all traffic towards a set of ip adresses directly connected to Internet, without any active computer connected. All inbound traffic is unsolicited. </p> <p> Thanks to our Darknet using 4096 contiguous public IP addresses, we can mesure networks attack on internet in real time, and especially large scale phenomena such as Internet wide port scanning, DDoS backscatter or DNS amplification attempts. </p> https://lhs.inria.fr/platforms/honeypots/index.html Wed, 05 Jun 2024 00:00:00 +0000frederic.beck@inria.fr (Frederic Beck) https://lhs.inria.fr/platforms/honeypots/index.html <link href="../css/tile.css" rel="stylesheet"> <link href="../../css/tile.css" rel="stylesheet"> <span class="badge cstyle info"> <span class="badge-title"><i class="fas fa-tag"></i></span> <span class="badge-content" style="background-color: #048B9A;"><a style="color:#FFFFFF;" href="../../tags/internet">Internet</a></span> </span> <span class="badge cstyle info"> <span class="badge-title"><i class="fas fa-tag"></i></span> <span class="badge-content" style="background-color: #048B9A;"><a style="color:#FFFFFF;" href="../../tags/monitoring">Monitoring</a></span> </span> <span class="badge cstyle info"> <span class="badge-title"><i class="fas fa-tag"></i></span> <span class="badge-content" style="background-color: #048B9A;"><a style="color:#FFFFFF;" href="../../tags/honeypots">Honeypots</a></span> </span> <br> <center> <div style='width:500px; margin-bottom:25px; margin-top:25px;'> <img class="resizableImage" src="../images/honeypots.png" style="width:''" alt="Distributed honeypots"/> </div> </center> <h1>Distributed honeypots platform</h1> <p> Our distributed honeypot platform based on Tpot allows us to operate various sensors running up to 20&#43; honeypots each, centralizing the collect traces, logs and binaries in the LHS. The collected data is indexed in realtime in an Elasticsearch cluster. </p> <p> Probes are placed on various dedicated network connections in the LHS, in the cloud or in our partners networks, thanks to the CyberGenAI joint project with DFKI (Germany) and OMU (Japan). </p> https://lhs.inria.fr/platforms/telescope/index.html Wed, 05 Jun 2024 00:00:00 +0000frederic.beck@inria.fr (Frederic Beck) https://lhs.inria.fr/platforms/telescope/index.html <link href="../css/tile.css" rel="stylesheet"> <link href="../../css/tile.css" rel="stylesheet"> <span class="badge cstyle info"> <span class="badge-title"><i class="fas fa-tag"></i></span> <span class="badge-content" style="background-color: #048B9A;"><a style="color:#FFFFFF;" href="../../tags/internet">Internet</a></span> </span> <span class="badge cstyle info"> <span class="badge-title"><i class="fas fa-tag"></i></span> <span class="badge-content" style="background-color: #048B9A;"><a style="color:#FFFFFF;" href="../../tags/monitoring">Monitoring</a></span> </span> <span class="badge cstyle info"> <span class="badge-title"><i class="fas fa-tag"></i></span> <span class="badge-content" style="background-color: #048B9A;"><a style="color:#FFFFFF;" href="../../tags/passive-listening">Passive listening</a></span> </span> <br> <center> <div style='width:500px; margin-bottom:25px; margin-top:25px;'> <img class="resizableImage" src="../images/telescope01.jpg" style="width:''" alt="Network Telescope"/> </div> </center> <h1>Passive Internet monitoring</h1> <p> The network telescope allows to deploy passive probes directly on the Internet, and capture traces (traffic, application logs...), whatever the size of the data. </p> <p> Probes are placed on a dedicated network connection on which we control the firewall. </p> <p> Collected data can be stored, replicated and indexed in realtime. </p> <h2>Links</h2> <ul> <li> <a href="https://concordia-btc-p2p.lhs.inria.fr/">https://concordia-btc-p2p.lhs.inria.fr/</a> </li> <li> <a href="https://concordia-eth-p2p.lhs.inria.fr/">https://concordia-eth-p2p.lhs.inria.fr/</a> </li> </ul> <h2>Contact</h2> <div class="customTileBox"> <a href="mailto:frederic.beck@inria.fr&body="> <div class="customTile emailTile"> <i class='fas fa-paper-plane'></i> <div> <div> Frederic Beck </div> <div class="italic"> frederic.beck@inria.fr </div> </div> </div> </a> </div>