• 0 Posts
  • 2 Comments
Joined 1 year ago
cake
Cake day: October 13th, 2023

help-circle
  • I’ve gone down this rabbit hole and have yet to find a solution I like. The only routes I haven’t gone down yet are the grey log or sec onion, as the learning curve is steep.

    I do use crowdsec and that has been semi-helpful at showing me where a scanner is trying to poke around and on what service.

    I currently use ntopng’s community version and that’s been acceptable for now. Some parts are a bit confusing and the documentation didn’t help me understand, but the tables are really well laid out and I can easily see the server/cliebt relationship with in and outbound traffic. I’ll try and share screenshots of how it looks for me to see if that helps you.