How To Use Window's Advanced Network Connection Audit Logging to Detect and Hunt for Cyber Attackers

preview_player
Показать описание
In this edition of #TechTalkTuesday we explore Window's advanced audit logging for network connections and talk about how you can leverage Window's built-in features to discover attackers. We explore success and error event IDs to examine connections, packets, and ports associated with applications and lower-level protocols.

Please like and subscribe to support our channel!

Chapters:
00:00 - Intro
00:25 - Overview of the Windows Filtering Platform
04:09 - Using Windows Event Logs to Detect Malicious Network Activity
06:22 - Enabling Advanced Network Activity Monitoring
07:29 - Auditing Connection and Packet Blocking With Windows Event ID 5150 and 5157
10:03 - Auditing Successful Network Connections With Windows Event ID 5165
10:59 - Auditing Successful or Failed Port Binding With Windows Event ID 5158 and 5159
13:01 - Auditing Successful or Failed Application and Service Port Binding With Windows Event ID 5154 and 5155
14:39 - Auditing Failed Incoming Application Connections With Windows Event ID 5031
15:06 - Wrapping Up
  1. Insane Cyber
  2. cybersecurity
  3. threat hunting
  4. cyber security
  5. security
  6. cyber security training
Рекомендации по теме
9 Advanced Windows 0:17:20

9 Advanced Windows Features EVERYONE Should Know!

Advanced Windows Features 0:09:39

Advanced Windows Features You Should Know

10 Advanced Windows 0:12:24

10 Advanced Windows Features That Will Surprise You!

Secret Windows Shortcuts 0:01:00

Secret Windows Shortcuts

Enter into Windows 0:00:27

Enter into Windows recovery mode from BOOT using Hot Key.. press f12 | Asus Vivobook 15Oled

Windows 10: Resolve 0:06:24

Windows 10: Resolve startup problems with the Advanced Boot Options

Advanced Windows 10 0:08:59

Advanced Windows 10 Features That Will Surprise You

How to Enter 0:03:17

How to Enter Windows 10 Recovery Environment From Boot | Open Advanced Boot Options From Start up

How Iron Dome 0:00:37

How Iron Dome Changed Warfare Forever #shorts #shortsfeed #trandingvideo

Advanced Performance Analysis 0:15:33

Advanced Performance Analysis in Windows

8 Ways to 0:08:33

8 Ways to Access Advanced Boot Options on Windows 11

How to Open 0:09:21

How to Open Advanced Options in Windows 10 & Windows 11 | Boot to Windows Recovery Menu From Sta...

✔️ Windows 10 0:03:49

✔️ Windows 10 - Optimize Performance - Virtual Memory - Advanced System Settings - Speed Up Win 10...

10 Advanced Windows 0:16:24

10 Advanced Windows 10 Tips and Tricks for 2020

Advanced Windows 10 0:46:53

Advanced Windows 10 Tutorial For Power Users

Window 10 Tips 0:01:50

Window 10 Tips - Advanced System Settings

Top 10 Windows 0:15:19

Top 10 Windows Tips Tricks & Shortcuts that Every computer users should know in 2022

Increase RAM Windows 0:02:51

Increase RAM Windows 10 \ 8 \ 7 just with these Advanced Settings | How to get more RAM

5 Ways to 0:04:00

5 Ways to Access Advanced Startup Options Menu in Windows 10

7 Ways to 0:06:12

7 Ways to Boot to Advanced Startup Options in Windows 10

How to Change 0:02:06

How to Change Windows 11 Advanced Power Settings

Windows 7 - 0:03:04

Windows 7 - Performance - Visual Effects - Advanced System Settings

How to Boot 0:01:45

How to Boot to Advanced Startup Options in Windows 10 (Official Dell Tech Support)

EZWrite 6 Windows/Web 0:03:01

EZWrite 6 Windows/Web How to use advanced shortcut | BenQ