[Oisf-users] Fwd: File Extraction issues
Jeremy A. Grove
jgrove at quadrantsec.com
Mon Jul 24 18:25:23 UTC 2017
I am using AF-packet with the below options.
- interface: eth0
threads: auto
cluster-id: 99
cluster-type: cluster_flow
defrag: yes
checksum-checks: kernel
- interface: eth1
threads: auto
cluster-id: 98
cluster-type: cluster_flow
defrag: yes
- interface: eth2
threads: auto
cluster-id: 97
cluster-type: cluster_flow
defrag: yes
- interface: eth3
threads: auto
cluster-id: 96
cluster-type: cluster_flow
defrag: yes
Jeremy Grove, SSCP
Senior Information Security Analyst
Quadrant Information Security
o: [ callto:(904)296-9100 | (904)296-9100 ] x100
t: [ callto:(800) 538-9357 | (800) 538-9357 ] x100
e: [ mailto:soc at quadrantsec.com | soc at quadrantsec.com ]
Learn more= about our managed SIEM [ https://a.quadrantsec.com/3D%22https://quadrantsec.com/SaganMSSP%22 | people + product ]
From: "Cooper F. Nelson" <cnelson at ucsd.edu>
To: "Jeremy A. Grove" <jgrove at quadrantsec.com>, "oisf-users" <oisf-users at lists.openinfosecfoundation.org>
Sent: Monday, July 24, 2017 2:07:48 PM
Subject: Re: [Oisf-users] Fwd: File Extraction issues
Are you using the AF_PACKET RSS mode?
-Coop
On 7/24/2017 11:11 AM, Jeremy A. Grove wrote:
Any advice on this?
Regards,
Jeremy Grove, SSCP
Senior Information Security Analyst
Quadrant Information Security
o: [ callto:%28904%29296-9100 | (904)296-9100 ] x100
t: [ callto:%28800%29%20538-9357 | (800) 538-9357 ] x100
e: [ mailto:soc at quadrantsec.com | soc at quadrantsec.com ]
Learn more= about our managed SIEM [ https://a.quadrantsec.com/3D%22https://quadrantsec.com/SaganMSSP%22 | people + product ]
--
Cooper Nelson
Network Security Analyst
UCSD ITS Security Team [ mailto:cnelson at ucsd.edu | cnelson at ucsd.edu ] x41042
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20170724/12917c45/attachment-0002.html>
More information about the Oisf-users
mailing list