bucy wrote:
] ] SiLK, the System for Internet-Level Knowledge, is a
] ] collection of netflow tools developed by the CERT/AC to
] ] facilitate security analysis in large networks. SiLK
] ] consists of a suite of tools which collect and examine
] ] netflow data, allowing analysts to rapidly query large
] ] sets of data. SiLK was explicitly designed with a
] ] tradeoff in mind: while traffic summaries do not provide
] ] packet-by-packet (in particular, payload) information,
] ] they are also considerably more compact and consequently
] ] can be used to acquire a wider view of network traffic
] ] problems.
] ]

I'm being recruited to work on this project. So this is the infrastructure. It's interesting, but not working at an ISP, I don't really have a space to play with it. Are there any papers with results produced using the tools?

RE: SiLK: System for Internet-Level Knowledge