
>I'll just use a Python wrapper around libpcap then.

Must be nice. Last government SOC I worked in, we could only script with PowerShell 1.0 installed. Sadly, that was just a year ago.

We had tcpdump and Wireshark, but we weren't allowed to capture anything with it.




>We had tcpdump and Wireshark, but we weren't allowed to capture anything with it.

So how does anybody know there isn't data exfiltration going on?


We have our top men working on this.


You usually don't check for exfiltration at the workstation level.


'They have tools to listen to network traffic. But we told them not to. It's fine.'

'So... if they don't intercept network traffic, they were trustworthy and it wouldn't matter. But if they are not trustworthy... they can still sniff the traffic? Are you sure it's fine?'

'Yeah, every modern network is switched so there is nothing to sniff'



