You
MUST register through eventbrite to gain access to this session (Day 2).
Is Weird still weird? Take-2 @ESnet - Fatema Bannat Wala
Summary: This presentation is going to be about the findings and resolution done to mitigate some of the heavily triggered weirds at ESnet network. Similar to the analysis done in an earlier version of this talk back in 2018 (Is weird really weird?), however this time, it's new findings on the different network.
Abstract: The weird log file is one of the most interesting log files to analyze that Zeek generates. It reveals information about network activity that is not categorized as normal according to the TCP/IP and other protocol standards. I started to pay more attention to the weird.log file for the last few years and there was a talk related to the same in 2018, which talked about the network misconfigurations found and how they were fixed, based on the weird.log file analysis. Similarly, this time as well, the talk is going to be presenting findings and results done on the ESnet's network traffic, and whether they are really ‘weird’, or just a misconfigured application or misconfigured firewall rules, which is causing the weird patterns in the traffic.
Slack Channel for this session - #vzw-day2-talk4-is-weird-still-weird
Haven't joined the Zeek Slack space yet you can do so at:
https://join.slack.com/t/zeekorg/shared_invite/zt-cgz9wa7p-BXihgVtZlmnRfHZXmUltZQLink to Session Survey - https://forms.gle/aFCTXniakuJGi7YN9
Video Stream
