UKNOF is being closed down during 2024, and this site is now only active as an archive of previous events and presentations.

13 September 2013
15Hatfields
Europe/London timezone

Tackling botnets on large networks, and the state of incident response

13 Sept 2013, 16:05
25m
15Hatfields

15Hatfields

15 Hatfields, Chadwick Court, London, SE1 8DJ
Main Session

Speaker

Mr James Davis (Janet)

Description

Janet CSIRT uses a combination of open source intelligence and netflow to track down and remove malware clients from their customer's networks. This is done with an open source tool chain and without the use of expensive propitiatory tool chain. The talk will look at some of the methods and sources of intelligence that we use, and some future ideas for extending these systems to react faster to new malware. If time allows I'll also continue to talk about the state of play in incident response within the UK, covering some recent activities and projects at that the wider community may not be aware of.

Primary author

Mr James Davis (Janet)

Presentation materials