RE: Network and Incident Symbology: Comments Wanted

From: Becky Bace (infomomat_private)
Date: Fri Nov 09 2001 - 12:14:35 PST

Next message: Dave Dittrich: "Re: Analysis of SSH crc32 compensation attack detector exploit"

Previous message: Nathan Einwechter: "Re: multiple attempts to login via telnet from multiple IP's ... new worm?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I seem  to recall an effort to develop a standard set of such icons for
infowar. (There were panel discussions of it at the final National Infosec
Conference; perhaps a look at the proceedings - look at NIST's security
clearinghouse for an online version - would provide additional information)
I know that a small group of us were working on this, too, for use in
computer security training.

-Becky Bace


>
> Ever since I was in high school I've been playing wargames.
...
> I was mulling all of this over while I was tinkering around with some
> new visualisation tools for the NIDS software I've been working on.  The
> result is a new GUI widget or two that will probably be in the next
> release of my code.  It seems to me (and this might just be hubris) that
> the symbology and diagramming methodology I worked out might be of
> more general interest.
>
> So, I present a draft of a document describing the symbols and diagrams
> for review, discussion, criticism, revision, derision, and whatnot.  The
> draft can be found at:
>
> 	http://www.meshuggeneh.net/shoki/symbols/
>
> I'm unaware of any existing standards of this sort, with the exception
> of the systems I allude to above (and in the draft document) which
> have the weaknesses I address.  If someone is aware of an existing
> standard or system similar to the one I propose, a pointer would be
> much appreciated.
>
>
>
>
>
>
>
>
> - -Steve
>
> - -----
> 0	This isn't entirely true;  in fact, I have the paper-and-dice
> 	rules for the latest edition of ASL.
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.3 (GNU/Linux)
> Comment: For info see http://www.gnupg.org
>
> iD8DBQE7653fG3kIaxeRZl8RAlKhAJ98jBDPCnhJog8AeP2IWt5rT1ZjwwCeJmy7
> GK3QSAA7sCS58PkOu0idrvk=
> =j57W
> -----END PGP SIGNATURE-----


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Dave Dittrich: "Re: Analysis of SSH crc32 compensation attack detector exploit"
Previous message: Nathan Einwechter: "Re: multiple attempts to login via telnet from multiple IP's ... new worm?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Nov 09 2001 - 13:10:39 PST