A Blue Teamer’s Primer to Traffic Investigation

Squatting Buffal0
Nov 4 · 6 min read

Alert::Unknown IP

There are a few things that come to the mind of an infosec analyst/engineer when reviewing network monitoring alerts, and even more when what you see is clearly a possible malicious event.

Things that might spike the blood pressure a bit:
Dynamic_DNS_CheckIP_Call
Geo_Location::RU…
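As an added example (not the article's own code), the following Python triage helper parses a few constructed alert lines in a hypothetical `key=value` format, scores the two alert types named above, and then correlates them per source host, since a single host that makes an external check-IP call and then talks to an unusual country is more telling than either alert on its own. The log format, IPs and host names are all assumed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample alert lines in a hypothetical "key=value" format; not taken from the article.
SAMPLE_ALERTS = """\
2023-11-04T10:02:13Z name=Dynamic_DNS_CheckIP_Call src=10.0.5.23 dst=checkip.example.net geo=US
2023-11-04T10:02:40Z name=HTTP_Generic_GET src=10.0.5.24 dst=cdn.example.com geo=US
2023-11-04T10:03:01Z name=Geo_Location::RU src=10.0.5.23 dst=203.0.113.9 geo=RU
2023-11-04T10:04:15Z name=DNS_Query src=10.0.5.30 dst=ns.example.org geo=DE
2023-11-04T10:05:02Z name=Geo_Location::RU src=10.0.5.31 dst=198.51.100.7 geo=RU
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+name=(?P<name>\S+)\s+src=(?P<src>\S+)\s+dst=(?P<dst>\S+)\s+geo=(?P<geo>\S+)$"
)

# Signature names and geolocations the article singles out as worth a closer look.
INTERESTING_SIGNATURES = {"Dynamic_DNS_CheckIP_Call"}
INTERESTING_GEOS = {"RU"}


def parse_alerts(text):
    """Parse alert lines into dicts; malformed lines are skipped rather than aborting triage."""
    alerts = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            alerts.append(m.groupdict())
    return alerts


def score_alert(alert):
    """Single-alert score: 2 for an interesting signature, 1 for an interesting geolocation."""
    s = 0
    if alert["name"] in INTERESTING_SIGNATURES:
        s += 2
    if alert["geo"] in INTERESTING_GEOS:
        s += 1
    return s


def triage(text):
    """Group alerts by source host and rank hosts for investigation.

    A host whose alerts contain both an interesting signature and an interesting
    geolocation gets a correlation bonus: an external IP lookup followed by traffic
    to an unusual country is a stronger signal than either alert alone.
    Returns a list of (src, score, [signature names]) sorted by score, highest first.
    """
    per_host = defaultdict(list)
    for a in parse_alerts(text):
        per_host[a["src"]].append(a)

    ranked = []
    for src, alerts in per_host.items():
        total = sum(score_alert(a) for a in alerts)
        sigs = {a["name"] for a in alerts}
        geos = {a["geo"] for a in alerts}
        if sigs & INTERESTING_SIGNATURES and geos & INTERESTING_GEOS:
            total += 3  # correlation bonus for the combined pattern
        ranked.append((src, total, sorted(sigs)))
    ranked.sort(key=lambda r: (-r[1], r[0]))
    return ranked


if __name__ == "__main__":
    for src, total, sigs in triage(SAMPLE_ALERTS):
        print(f"{src:12} score={total} {', '.join(sigs)}")
```

On the constructed sample, `10.0.5.23` rises to the top because it fired both alert types, while the host that only tripped the geolocation rule ranks below it; the weights are a starting point to tune against your own alert volume rather than fixed values.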


Written by Squatting Buffal0: infosec engineer💻, metalhead🤘 and knowledge philanthropist🧠🍴
