InfoSec News

One area of interest that I have is network visualization. What I'm referring to is being able to visually see the traffic flows and patterns to determine anomalies or events of interest. We have so much information with our networks today that it is difficult to process all of it. The trend seems to be getting worse and reverting back to my good ole Army days of "do more with less." With the economic times we live in, it always seems that security is one area that takes a hit. So, we have to work smarter, and network visualization is one area that I think has great potential but seems to be very underdeveloped.
I haven't explored what's out there in a couple of years. What I experimented with back then were tools such as:

Time-based Network Traffic Visualizer (TNV)
NVisionIP
Spinning Cube of Potential Doom
VisFlowConnect
FlowTag
InetVis

However, these tools had a long way to go before they could really be effective on a large scale. Some were Java-based and SLOW (others were just slow) when processing any significant amount of data. However, what they did do was pretty impressive for being able to visually make sense of a pcap file or your netflow data. They work great for looking at small chunks of traffic and helping immediately see anomalies. If this could just be channeled into a near real-time scenario for monitoring networks, that would be fantastic.
I did some quick Google searches and didn't turn up anything new in this arena. If anyone has any experience with network visualization or knows of any tools or work being done, please let us know.
(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
One of our readers sent in this link:
hxxp://dazzlepod.com/rootkit/
It has a publicly disclosed list of accounts exposed from the attack on HBGary. As always, follow the link at your own risk, but it has been checked. It is regarding the site rootkit dot com. Their site seems to be unreachable at the moment, but the article from Dazzlepod indicates that some passwords match Gmail and Twitter. 2 Factor Auth cannot come fast enough?
If you would like an offline copy, email me at richard at isc dot sans dot edu
Richard Porter
--- ISC Handler on Duty
 
Sony Ericsson unveiled its PlayStation phone, the Xperia Play, on Sunday at the World Mobile Congress. The company hopes it will attract gamers to the well-known Sony brand.
 
Nokia CEO Stephen Elop told reporters Sunday that there are no plans at this time for a sale of the company to partner Microsoft.
 
Samsung has added the Honeycomb-based Galaxy Tab 10.1 to its line-up of tablets.
 
Nokia on Sunday hinted that Microsoft essentially won a bidding war against Google to supply software to the world's largest handset maker and that the software giant agreed to pay 'billions' of dollars for the privilege.
 
Verizon likely won't implement a plan to throttle the data speeds of the heaviest users on its network, an executive at Flash Networks said today at the Mobile World Congress in Barcelona.
 
Samsung has launched the Galaxy S II, which is equipped with a dual-core processor, an improved screen and faster Internet access using HSPA+ (High-Speed Packet Access).
 
We need a new soundtrack for the office, something strong enough to pry loose the earworm that is Jingle Bells as we prep for tax season. Our pick? "Only the Lonely," arranged by Nelson Riddle and recorded by Frank Sinatra on an album by the same name. Added bonus: the LP's cover lettering is the inspiration for Riddle, a brush script font that is about to help us stylishly organize a mountain of receipts.
 
Reports out of Algeria say the North African country has shut down Internet access and eliminated Facebook accounts as pro-democracy protesters seek to topple the government much as Egyptians did in their nation this week.
 

