Building Netflow based NIDS out of open source components


Netflow exporters provide extremely important information about what is going on in your network almost in real time. As the network grows, storing and analyzing the collected flow information becomes a tedious task.

The purpose of this talk is to outline how to use open source technologies to move away from RRD files as a means of storing flow data and to take full advantage of Netflow's (almost) real-time nature to create a NIDS with all the related data right at hand, visualized and ready to be diagnosed.


