http://web.mit.edu/newsoffice/2008/security-0827.html MIT News August 27, 2008 In response to the chronic cyber threat of hackers, MIT Lincoln Laboratory researchers are developing a software tool to identify the most vulnerable points in a computer network. The tool aims to make it possible for system administrators to focus on parts of a network that are most prone to attack, instead of securing all parts of the network. U.S. government and defense computer networks are attacked all the time, says Richard Lippmann, leader of the work and a senior staff member in Lincoln's Information Systems Technology Group. In an attack known as Titan Rain, between 2003 and 2005 a series of breaches of U.S. government computers may have captured sensitive information about military readiness. NetSPA (for Network Security Planning Architecture) uses information about networks and the individual machines and programs running on them to create a graph that shows how hackers could infiltrate them. System administrators can examine visualizations of the graph themselves to decide what action to take, but NetSPA also analyzes the graph and offers recommendations about how to quickly fix the most important weaknesses. NetSPA relies on vulnerability scanners to identify known weaknesses in network-accessible programs that might allow an unauthorized person access to a machine. But simply being aware of vulnerabilities is not sufficient; NetSPA also has to analyze complex firewall and router rules to determine which vulnerabilities can actually be reached and exploited by attackers and how attackers can spread through a network by jumping from one vulnerable host to another. [...] __________________________________________________ Register now for HITBSecConf2008 - Malaysia! With a new triple-track conference featuring 4 keynote speakers and over 35 international experts, this is the largest network security event in Asia and the Middle East! http://conference.hackinthebox.org/hitbsecconf2008kl/Received on Wed Aug 27 2008 - 22:33:45 PDT
This archive was generated by hypermail 2.2.0 : Wed Aug 27 2008 - 22:35:55 PDT