[CLUE-Talk] Interesting article on frequency of security scans
Kevin Cullis
kevincu at orci.com
Fri Jul 27 08:16:37 MDT 2001
"B. O'Fallon" wrote:
>
> >From the article:
>
> Over the past several years, the Honeynet Project has been collecting
> and archiving information on blackhat activity. We have attempted, to
> the best of our ability, to log and capture every probe, attack, and
> exploit made against our Honeynet. This raw data has the potential for
> great value. We decided to share this data with the security community
> and demonstrate its value. We will focus on two areas. First, we intend
> to demonstrate how aggressive the blackhat community can be. Regardless
> of who you are, you are not safe. Our goal is to make you aware of this
> threat. Second, to test the concept of Early Warning and Prediction. By
> identifying trends and methods, it may be possible to predict an attack
> and react, days before it happens. We test this theory using the data
> the Honeynet Project has collected.
>
> The article is at
>
> http://project.honeynet.org/papers/stats/
Finally, some QA tools used on computer systems: i.e. a Control Chart
showing activity over time!! This is a quote:
> The first was a very basic statistical analysis, similar to the statistical process control methodology used in the manufacturing world to measure defects in a factory setting. This method, although very simple, proved extremely accurate in providing short-term
> (three days or less), warning notice of impending attacks on the Honeynet. The basic process goes like this:
If someone needs some help with this, contact me and I'd be glad to help
out.
Thanks for the article!!
Kevin
More information about the clue-talk
mailing list