D4
/
architecture
mirror of https://github.com/D4-project/architecture
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: [doc] some updates

master
Alexandre Dulaunoy 2019-02-05 22:19:35 +01:00
parent a4e559c23e
commit 0e5979101d
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
5 changed files with 52 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
docs/workshop/0-introduction/d4-introduction.aux
View File

@ -56,8 +56,10 @@
\@writefile{nav}{\headcommand {\beamer@framepages {18}{18}}} \@writefile{nav}{\headcommand {\beamer@framepages {18}{18}}}
\@writefile{nav}{\headcommand {\slideentry {0}{0}{19}{19/19}{}{0}}} \@writefile{nav}{\headcommand {\slideentry {0}{0}{19}{19/19}{}{0}}}
\@writefile{nav}{\headcommand {\beamer@framepages {19}{19}}} \@writefile{nav}{\headcommand {\beamer@framepages {19}{19}}}
\@writefile{nav}{\headcommand {\beamer@partpages {1}{19}}} \@writefile{nav}{\headcommand {\slideentry {0}{0}{20}{20/20}{}{0}}}
\@writefile{nav}{\headcommand {\beamer@subsectionpages {1}{19}}} \@writefile{nav}{\headcommand {\beamer@framepages {20}{20}}}
\@writefile{nav}{\headcommand {\beamer@sectionpages {1}{19}}} \@writefile{nav}{\headcommand {\beamer@partpages {1}{20}}}
\@writefile{nav}{\headcommand {\beamer@documentpages {19}}} \@writefile{nav}{\headcommand {\beamer@subsectionpages {1}{20}}}
\@writefile{nav}{\headcommand {\gdef \inserttotalframenumber {18}}} \@writefile{nav}{\headcommand {\beamer@sectionpages {1}{20}}}
\@writefile{nav}{\headcommand {\beamer@documentpages {20}}}
\@writefile{nav}{\headcommand {\gdef \inserttotalframenumber {19}}}

48
docs/workshop/0-introduction/d4-introduction.log
View File

@ -1,4 +1,4 @@
This is pdfTeX, Version 3.14159265-2.6-1.40.18 (TeX Live 2017/Debian) (preloaded format=pdflatex 2018.10.13) 4 FEB 2019 23:08 This is pdfTeX, Version 3.14159265-2.6-1.40.18 (TeX Live 2017/Debian) (preloaded format=pdflatex 2018.10.13) 5 FEB 2019 22:18
entering extended mode entering extended mode
restricted \write18 enabled. restricted \write18 enabled.
%&-line parsing enabled. %&-line parsing enabled.
@ -1303,22 +1303,24 @@ LaTeX Font Info: Font shape `T1/FiraSans-OsF/m/it' will be
] [11 ] [11
] [12
] ]
LaTeX Font Info: Font shape `T1/FiraSans-OsF/m/n' will be LaTeX Font Info: Font shape `T1/FiraSans-OsF/m/n' will be
(Font) scaled to size 12.0pt on input line 159. (Font) scaled to size 12.0pt on input line 168.
(/usr/share/texlive/texmf-dist/tex/latex/listings/lstlang1.sty (/usr/share/texlive/texmf-dist/tex/latex/listings/lstlang1.sty
File: lstlang1.sty 2015/06/04 1.6 listings language file File: lstlang1.sty 2015/06/04 1.6 listings language file
) )
(/usr/share/texlive/texmf-dist/tex/latex/listings/lstlang1.sty (/usr/share/texlive/texmf-dist/tex/latex/listings/lstlang1.sty
File: lstlang1.sty 2015/06/04 1.6 listings language file File: lstlang1.sty 2015/06/04 1.6 listings language file
) (./tcpdump.tex) [12 ) (./tcpdump.tex) [13
] [13 ] [14
] (./d4-client.tex) [14 ] (./d4-client.tex) [15
] [15 ] [16
] ]
Missing character: There is no s in font nullfont! Missing character: There is no s in font nullfont!
@ -1331,17 +1333,17 @@ Missing character: There is no 0 in font nullfont!
Missing character: There is no . in font nullfont! Missing character: There is no . in font nullfont!
Missing character: There is no 4 in font nullfont! Missing character: There is no 4 in font nullfont!
Underfull \hbox (badness 1320) in paragraph at lines 249--249 Underfull \hbox (badness 1320) in paragraph at lines 258--258
[]|\T1/FiraSans-OsF/m/sc/14.4 Observing SYN floods at-tacks in backscat-ter []|\T1/FiraSans-OsF/m/sc/14.4 Observing SYN floods at-tacks in backscat-ter
[] []
[16 [17
] [17 ] [18
] (./flags.tex) [18 ] (./flags.tex) [19
] (./pibs.tex) [19 ] (./pibs.tex) [20
] ]
\tf@nav=\write7 \tf@nav=\write7
@ -1353,19 +1355,19 @@ Underfull \hbox (badness 1320) in paragraph at lines 249--249
\tf@snm=\write9 \tf@snm=\write9
\openout9 = `d4-introduction.snm'. \openout9 = `d4-introduction.snm'.
Package atveryend Info: Empty hook `BeforeClearDocument' on input line 310. Package atveryend Info: Empty hook `BeforeClearDocument' on input line 321.
Package atveryend Info: Empty hook `AfterLastShipout' on input line 310. Package atveryend Info: Empty hook `AfterLastShipout' on input line 321.
(./d4-introduction.aux) (./d4-introduction.aux)
Package atveryend Info: Executing hook `AtVeryEndDocument' on input line 310. Package atveryend Info: Executing hook `AtVeryEndDocument' on input line 321.
Package atveryend Info: Executing hook `AtEndAfterFileList' on input line 310. Package atveryend Info: Executing hook `AtEndAfterFileList' on input line 321.
Package rerunfilecheck Info: File `d4-introduction.out' has not changed. Package rerunfilecheck Info: File `d4-introduction.out' has not changed.
(rerunfilecheck) Checksum: D41D8CD98F00B204E9800998ECF8427E;0. (rerunfilecheck) Checksum: D41D8CD98F00B204E9800998ECF8427E;0.
) )
Here is how much of TeX's memory you used: Here is how much of TeX's memory you used:
25611 strings out of 492982 25619 strings out of 492982
514988 string characters out of 6134895 515071 string characters out of 6134895
651424 words of memory out of 5000000 651506 words of memory out of 5000000
28536 multiletter control sequences out of 15000+600000 28542 multiletter control sequences out of 15000+600000
324948 words of font info for 86 fonts, out of 8000000 for 9000 324948 words of font info for 86 fonts, out of 8000000 for 9000
1141 hyphenation exceptions out of 8191 1141 hyphenation exceptions out of 8191
71i,16n,99p,821b,1405s stack positions out of 5000i,500n,10000p,200000b,80000s 71i,16n,99p,821b,1405s stack positions out of 5000i,500n,10000p,200000b,80000s
@ -1379,10 +1381,10 @@ ic/fira/FiraSans-Regular.pfb></usr/share/texlive/texmf-dist/fonts/type1/public/
amsfonts/cm/cmmi10.pfb></usr/share/texlive/texmf-dist/fonts/type1/public/amsfon amsfonts/cm/cmmi10.pfb></usr/share/texlive/texmf-dist/fonts/type1/public/amsfon
ts/cm/cmsy10.pfb></usr/share/texlive/texmf-dist/fonts/type1/public/amsfonts/sym ts/cm/cmsy10.pfb></usr/share/texlive/texmf-dist/fonts/type1/public/amsfonts/sym
bols/msam10.pfb> bols/msam10.pfb>
Output written on d4-introduction.pdf (19 pages, 600379 bytes). Output written on d4-introduction.pdf (20 pages, 602366 bytes).
PDF statistics: PDF statistics:
200 PDF objects out of 1000 (max. 8388607) 207 PDF objects out of 1000 (max. 8388607)
152 compressed objects within 2 object streams 158 compressed objects within 2 object streams
39 named destinations out of 1000 (max. 500000) 41 named destinations out of 1000 (max. 500000)
58 words of extra memory for PDF output out of 10000 (max. 10000000) 58 words of extra memory for PDF output out of 10000 (max. 10000000)

12
docs/workshop/0-introduction/d4-introduction.nav
View File

@ -36,8 +36,10 @@
\headcommand {\beamer@framepages {18}{18}} \headcommand {\beamer@framepages {18}{18}}
\headcommand {\slideentry {0}{0}{19}{19/19}{}{0}} \headcommand {\slideentry {0}{0}{19}{19/19}{}{0}}
\headcommand {\beamer@framepages {19}{19}} \headcommand {\beamer@framepages {19}{19}}
\headcommand {\beamer@partpages {1}{19}} \headcommand {\slideentry {0}{0}{20}{20/20}{}{0}}
\headcommand {\beamer@subsectionpages {1}{19}} \headcommand {\beamer@framepages {20}{20}}
\headcommand {\beamer@sectionpages {1}{19}} \headcommand {\beamer@partpages {1}{20}}
\headcommand {\beamer@documentpages {19}} \headcommand {\beamer@subsectionpages {1}{20}}
\headcommand {\gdef \inserttotalframenumber {18}} \headcommand {\beamer@sectionpages {1}{20}}
\headcommand {\beamer@documentpages {20}}
\headcommand {\gdef \inserttotalframenumber {19}}

BIN
docs/workshop/0-introduction/d4-introduction.pdf
View File

Binary file not shown.

15
docs/workshop/0-introduction/d4-introduction.tex
View File

@ -129,6 +129,15 @@
\input{meta.tex} \input{meta.tex}
\end{frame} \end{frame}
\begin{frame}
\frametitle{D4-core server}
\begin{itemize}
\item D4 core server\footnote{\url{https://github.com/D4-project/d4-core}} is a complete server to handle clients (sensors) including the decapsulation of the D4 protocol, control of sensor registrations, management of decoding protocols and dispatching to adequate decoders/analysers.
\item D4 server is written in Python 3.6 and runs on standard GNU/Linux distribution.
\end{itemize}
\end{frame}
\begin{frame} \begin{frame}
\frametitle{} \frametitle{}
{\center Use-case: migrating a legacy network capture model into a D4 network sensor {\center Use-case: migrating a legacy network capture model into a D4 network sensor
@ -267,7 +276,7 @@ Attack description
\end{frame} \end{frame}
\begin{frame} \begin{frame}
\frametitle{Confirm if there is a DDOS attack} \frametitle{Confirm if there is/was a DDoS attack}
\begin{block}{Problem} \begin{block}{Problem}
\begin{itemize} \begin{itemize}
\item Distinguish between compromised infrastructure and backscatter \item Distinguish between compromised infrastructure and backscatter
@ -288,7 +297,9 @@ Attack description
breaklines=true, breaklines=true,
columns=fullflexible columns=fullflexible
} }
\input{pibs.tex} \input{pibs.tex}
Early version is available of PIBS\footnote{\url{https://github.com/D4-project/analyzer-d4-pibs}}
with a focus on TCP traffic.
\begin{tabular}{l|l} \begin{tabular}{l|l}
Options & Explanations\\ Options & Explanations\\
\hline \hline