diff --git a/docs/workshop/0-introduction/d4-introduction.aux b/docs/workshop/0-introduction/d4-introduction.aux index b56d425..6ff2c4b 100644 --- a/docs/workshop/0-introduction/d4-introduction.aux +++ b/docs/workshop/0-introduction/d4-introduction.aux @@ -56,8 +56,10 @@ \@writefile{nav}{\headcommand {\beamer@framepages {18}{18}}} \@writefile{nav}{\headcommand {\slideentry {0}{0}{19}{19/19}{}{0}}} \@writefile{nav}{\headcommand {\beamer@framepages {19}{19}}} -\@writefile{nav}{\headcommand {\beamer@partpages {1}{19}}} -\@writefile{nav}{\headcommand {\beamer@subsectionpages {1}{19}}} -\@writefile{nav}{\headcommand {\beamer@sectionpages {1}{19}}} -\@writefile{nav}{\headcommand {\beamer@documentpages {19}}} -\@writefile{nav}{\headcommand {\gdef \inserttotalframenumber {18}}} +\@writefile{nav}{\headcommand {\slideentry {0}{0}{20}{20/20}{}{0}}} +\@writefile{nav}{\headcommand {\beamer@framepages {20}{20}}} +\@writefile{nav}{\headcommand {\beamer@partpages {1}{20}}} +\@writefile{nav}{\headcommand {\beamer@subsectionpages {1}{20}}} +\@writefile{nav}{\headcommand {\beamer@sectionpages {1}{20}}} +\@writefile{nav}{\headcommand {\beamer@documentpages {20}}} +\@writefile{nav}{\headcommand {\gdef \inserttotalframenumber {19}}} diff --git a/docs/workshop/0-introduction/d4-introduction.log b/docs/workshop/0-introduction/d4-introduction.log index 2708ebf..b9501eb 100644 --- a/docs/workshop/0-introduction/d4-introduction.log +++ b/docs/workshop/0-introduction/d4-introduction.log @@ -1,4 +1,4 @@ -This is pdfTeX, Version 3.14159265-2.6-1.40.18 (TeX Live 2017/Debian) (preloaded format=pdflatex 2018.10.13) 4 FEB 2019 23:08 +This is pdfTeX, Version 3.14159265-2.6-1.40.18 (TeX Live 2017/Debian) (preloaded format=pdflatex 2018.10.13) 5 FEB 2019 22:18 entering extended mode restricted \write18 enabled. %&-line parsing enabled. 
@@ -1303,22 +1303,24 @@ LaTeX Font Info: Font shape `T1/FiraSans-OsF/m/it' will be ] [11 +] [12 + ] LaTeX Font Info: Font shape `T1/FiraSans-OsF/m/n' will be -(Font) scaled to size 12.0pt on input line 159. +(Font) scaled to size 12.0pt on input line 168. (/usr/share/texlive/texmf-dist/tex/latex/listings/lstlang1.sty File: lstlang1.sty 2015/06/04 1.6 listings language file ) (/usr/share/texlive/texmf-dist/tex/latex/listings/lstlang1.sty File: lstlang1.sty 2015/06/04 1.6 listings language file -) (./tcpdump.tex) [12 +) (./tcpdump.tex) [13 -] [13 +] [14 -] (./d4-client.tex) [14 +] (./d4-client.tex) [15 -] [15 +] [16 ] Missing character: There is no s in font nullfont! @@ -1331,17 +1333,17 @@ Missing character: There is no 0 in font nullfont! Missing character: There is no . in font nullfont! Missing character: There is no 4 in font nullfont! -Underfull \hbox (badness 1320) in paragraph at lines 249--249 +Underfull \hbox (badness 1320) in paragraph at lines 258--258 []|\T1/FiraSans-OsF/m/sc/14.4 Observing SYN floods at-tacks in backscat-ter [] -[16 +[17 -] [17 +] [18 -] (./flags.tex) [18 +] (./flags.tex) [19 -] (./pibs.tex) [19 +] (./pibs.tex) [20 ] \tf@nav=\write7 
@@ -1353,19 +1355,19 @@ Underfull \hbox (badness 1320) in paragraph at lines 249--249 \tf@snm=\write9 \openout9 = `d4-introduction.snm'. -Package atveryend Info: Empty hook `BeforeClearDocument' on input line 310. -Package atveryend Info: Empty hook `AfterLastShipout' on input line 310. +Package atveryend Info: Empty hook `BeforeClearDocument' on input line 321. +Package atveryend Info: Empty hook `AfterLastShipout' on input line 321. (./d4-introduction.aux) -Package atveryend Info: Executing hook `AtVeryEndDocument' on input line 310. -Package atveryend Info: Executing hook `AtEndAfterFileList' on input line 310. +Package atveryend Info: Executing hook `AtVeryEndDocument' on input line 321. +Package atveryend Info: Executing hook `AtEndAfterFileList' on input line 321. Package rerunfilecheck Info: File `d4-introduction.out' has not changed. (rerunfilecheck) Checksum: D41D8CD98F00B204E9800998ECF8427E;0. ) Here is how much of TeX's memory you used: - 25611 strings out of 492982 - 514988 string characters out of 6134895 - 651424 words of memory out of 5000000 - 28536 multiletter control sequences out of 15000+600000 + 25619 strings out of 492982 + 515071 string characters out of 6134895 + 651506 words of memory out of 5000000 + 28542 multiletter control sequences out of 15000+600000 324948 words of font info for 86 fonts, out of 8000000 for 9000 1141 hyphenation exceptions out of 8191 71i,16n,99p,821b,1405s stack positions out of 5000i,500n,10000p,200000b,80000s 
@@ -1379,10 +1381,10 @@ ic/fira/FiraSans-Regular.pfb> -Output written on d4-introduction.pdf (19 pages, 600379 bytes). +Output written on d4-introduction.pdf (20 pages, 602366 bytes). PDF statistics: - 200 PDF objects out of 1000 (max. 8388607) - 152 compressed objects within 2 object streams - 39 named destinations out of 1000 (max. 500000) + 207 PDF objects out of 1000 (max. 8388607) + 158 compressed objects within 2 object streams + 41 named destinations out of 1000 (max. 500000) 58 words of extra memory for PDF output out of 10000 (max. 10000000) diff --git a/docs/workshop/0-introduction/d4-introduction.nav b/docs/workshop/0-introduction/d4-introduction.nav index bd2db22..4f11164 100644 --- a/docs/workshop/0-introduction/d4-introduction.nav +++ b/docs/workshop/0-introduction/d4-introduction.nav @@ -36,8 +36,10 @@ \headcommand {\beamer@framepages {18}{18}} \headcommand {\slideentry {0}{0}{19}{19/19}{}{0}} \headcommand {\beamer@framepages {19}{19}} -\headcommand {\beamer@partpages {1}{19}} -\headcommand {\beamer@subsectionpages {1}{19}} -\headcommand {\beamer@sectionpages {1}{19}} -\headcommand {\beamer@documentpages {19}} -\headcommand {\gdef \inserttotalframenumber {18}} +\headcommand {\slideentry {0}{0}{20}{20/20}{}{0}} +\headcommand {\beamer@framepages {20}{20}} +\headcommand {\beamer@partpages {1}{20}} +\headcommand {\beamer@subsectionpages {1}{20}} +\headcommand {\beamer@sectionpages {1}{20}} +\headcommand {\beamer@documentpages {20}} +\headcommand {\gdef \inserttotalframenumber {19}} diff --git a/docs/workshop/0-introduction/d4-introduction.pdf b/docs/workshop/0-introduction/d4-introduction.pdf index e34ae17..8d05852 100644 Binary files a/docs/workshop/0-introduction/d4-introduction.pdf and b/docs/workshop/0-introduction/d4-introduction.pdf differ diff --git a/docs/workshop/0-introduction/d4-introduction.tex b/docs/workshop/0-introduction/d4-introduction.tex index 8077fb9..661db9b 100644 --- a/docs/workshop/0-introduction/d4-introduction.tex 
+++ b/docs/workshop/0-introduction/d4-introduction.tex @@ -129,6 +129,15 @@ \input{meta.tex} \end{frame} +\begin{frame} + \frametitle{D4-core server} + \begin{itemize} + \item D4 core server\footnote{\url{https://github.com/D4-project/d4-core}} is a complete server to handle clients (sensors) including the decapsulation of the D4 protocol, control of sensor registrations, management of decoding protocols and dispatching to adequate decoders/analysers. + \item D4 server is written in Python 3.6 and runs on standard GNU/Linux distribution. + \end{itemize} +\end{frame} + + \begin{frame} \frametitle{} {\center Use-case: migrating a legacy network capture model into a D4 network sensor @@ -267,7 +276,7 @@ Attack description \end{frame} \begin{frame} - \frametitle{Confirm if there is a DDOS attack} + \frametitle{Confirm if there is/was a DDoS attack} \begin{block}{Problem} \begin{itemize} \item Distinguish between compromised infrastructure and backscatter @@ -288,7 +297,9 @@ Attack description breaklines=true, columns=fullflexible } -\input{pibs.tex} + \input{pibs.tex} + Early version is available of PIBS\footnote{\url{https://github.com/D4-project/analyzer-d4-pibs}} + with a focus on TCP traffic. \begin{tabular}{l|l} Options & Explanations\\ \hline
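Review bot: The new frame in the `@@ -129,6 +129,15 @@` hunk names the same component three ways: `D4-core server` in the `\frametitle`, `D4 core server` in the first `\item` and `D4 server` in the second. The second item is also missing an article. I would settle on one spelling and write it as `\item The D4 core server is written in Python 3.6 and runs on a standard GNU/Linux distribution.` The first item packs four responsibilities into one long sentence, so a nested `itemize` would read better on a slide, and "adequate decoders/analysers" presumably means "appropriate".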
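Review bot: In the `@@ -288,7 +297,9 @@` hunk the sentence added after `\input{pibs.tex}` runs straight into `\begin{tabular}{l|l}` with no paragraph break. LaTeX therefore sets the options table inline in the same paragraph as the text, which can misalign it or produce an overfull line on the slide. A blank line (or `\par`) after `with a focus on TCP traffic.` keeps the table in its own paragraph. The wording reads more naturally as `An early version of PIBS\footnote{\url{https://github.com/D4-project/analyzer-d4-pibs}} is available, with a focus on TCP traffic.` The frame this belongs to starts and ends outside the hunk, so the slide's final layout cannot be checked from here.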