Syntex, a latex preprocessor was the only thing I found to even be marginally useful. There are some commercial win32 based GUI risk analysis tools that were even less useful. See: http://www.theory.org/~matt/syntex/ http://freshmeat.net/projects/syntex/ -mdf > ----- Original Message ----- > From: "Kruse, Darren (DEH)" <Kruse.Darren2at_private> > To: <pen-testat_private> > Sent: Thursday, March 21, 2002 7:00 PM > Subject: best tool to draw attack trees ?? > > > > I'm puzzling over what is the best way to draw attack trees. > > Attack trees provide a formal, methodical way of describing the security > of > > systems, based on varying attacks. Basically, you represent attacks > against > > a system in a tree structure, with the goal as the root node and different > > ways of achieving that goal as leaf nodes. > > Bruce Schnier's Secrets and Lies - Digital Security in a Networked World > > > http://www.amazon.com/exec/obidos/ASIN/0471253111/qid=1016671800/sr=8-1/ref= > > sr_8_67_1/002-8209990-0206427 , in particular chapter 21 covers Attack > Trees > > There's also a DDJ article on attack trees > > http://www.ddj.com/documents/s=896/ddj9912a/9912a.htm (also by Bruce > > Schnier) that covers virtually the same ground as the book. > > I'm thinking that it would make a really good motivational tool for > > management to see what all the threats are against our systems. > > Having a documented attack tree would also help me in identifying what > holes > > ,and threats I need to worry about RIGHT NOW ! > > My first thought was to wade in, and start drawing with Visio - making use > > of the layers feature to distinguish between different sets of values.. > > Possible / Impossible Cost script kiddie tool released ? > > etc.. > > But does anyone know of a more "closely-suited" tool than Visio ? I've > done > > a google search on "attack tree" software, and come up blank. > > There are cheaper alternatives to Visio - maybe Kivio mp > > http://www.thekompany.com/products/kivio/faq.php3 ?? Unfortunately, the > KDE > > version (Kivio without the mp suffix) doesn't do layers. :-( > > Would a web interface be better ? - certainly for navigating between > > threats, but how about when you want to see a larger part of the tree ? , > or > > the whole attack tree ?? > > Maybe MS Project ? - it's good at showing inter-related tasks , that have > > dependancies and costs, and can output to HTML as well. > > How about when I want to add , or share bits of someone else's attack tree > ? > > It would be cool to be able to download discrete sub-branches, just like > you > > download additional Snort IDS signatures. > > > > Darren Kruse CCNP CCDP > > WAN/LAN Networking Consultant > > Mobile : (+61) 0407 446 399 > > mailto://darren_kruseat_private > > http://www.geocities.com/darren_kruse > > > > > > -------------------------------------------------------------------------- > -- > > This list is provided by the SecurityFocus Security Intelligence Alert > (SIA) > > Service. For more information on SecurityFocus' SIA service which > > automatically alerts you to the latest security vulnerabilities please > see: > > https://alerts.securityfocus.com/ > > > > ----- End forwarded message ----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Fri Mar 22 2002 - 15:50:00 PST