Common terms used within the Teleseer knowledge base and application.
General
ASN: a globally unique identifier that defines a group of one or more IP prefixes
bro/zeek: a powerful framework for network traffic analysis and security monitoring
CVE: Common Vulnerabilities and Exposures. Metric used to identify how insecure a host is. Values can be looked up at https://www.cve.org/
GreyNoise: a cybersecurity platform that collects and analyzes Internet-wide scan and attack traffic
IPinfo: an IP address geolocation lookup to include geographic location, company name, domain, and what type of company it is
PCAP: a network collection file containing packet data of network traffic
PCAPNG: PCAP next generation file. Similar to PCAP but contains additional metadata in packet header
RDNS: Reverse DNS lookup which is used to query the DNS to determine the domain name associated with an IP address
Accounts
DUA: Data Under Analysis is the total uncompressed amount of data that Teleseer has processed and stored for your account
Team: a collection of projects that share a common access
User: an individual end user with access to one or more teams
Application
Broadcast Domain: the portion of the network sharing the same layer 2 segment in which all hosts can reach other by broadcasting on this layer
External Hosts: Hosts identified as being in the public IP address space
Host: a device that appears within the topology
Inspector: contains detailed information about the selected host or timeline block
Inventory: a table of hosts within the current project
Projects: an object used to ingest uploaded files. Opening a project will view the corresponding topology
Tag: a word used to identify a particular project or host
Timeline: an interactive listing of all traffic that occurred within the given file set or from the selected host(s)
Topology: the reconstructed network diagram
Upload: an uploaded file (of a supported file type)
Vulnerable: this host has been identified has having a common vulnerability