Explore advanced techniques for leveraging Freq and Domain_Stats tools in this conference talk from Security Onion Conference 2018. Delve into domain creation dates, installation processes, and query capabilities of DomainStats. Learn about Unicode domain names, updating disk cache, and configuring the Freq server. Discover methods for identifying host names, measuring frequency, and interpreting probability tables. Compare different approaches to DomainStats results and gain insights into building custom frequency tables. Understand the FreakScore concept and stay updated on the latest features, including CloudFront domains. Enhance your security analysis skills with practical applications of these powerful tools.
Getting the Most out of Freq and Domain Stats
Overview
Syllabus
Intro
About me
Domain Creation Dates
Installing DomainStats
Queries
Fields
Unicode Domain Names
Update Disk Cache
Freq Server
Host Names
Identifying Host Names
Measuring Freq
Freq Probability Table
Freq Probability
DomainStats Results
Method 1 vs Method 2
FreqServer
Configuration
Build your own frequency tables
Build a frequency table based on filenames
Multiple frequency tables
FreakScore
Let me know
I love to receive feature requests
I heard something about CloudFront domains
Python Freak
Taught by
Security Onion
