Tuesday, April 19, 2005

Things I have been thinking about...

Internet Traffic Analysis: This has long been a major topic at NANOG. I have heard several interesting discussions concerning tracking where spikes in the infrastructure are coming from, and their destinations. Here and Here. I am more curious about seismic-like data concerning massed DDoS attacks. Symantec has a product called DeepSight similar to what I am thinking about; I am not sure whether there are other vendors with similar products.

I am interested in seeing a database that has remote probes scattered across the internet colo'd at prime target destination subnets collecting and analyzing inbound traffic. The model looks like a worldwide IDS, learning about new traffic and attacks as they are being assembled. The idea needs some more work. Just rolling it around in my head at the moment.

5 comments:

Anonymous said...

Certainly an interesting Computer Science problem to solve...

Some interesting insights can be gleaned from the following URL, citing a recent publication on DDoS...what's of most import is the listing of vendors at the bottom, some of them able to provide the ability to "watch" up to millions of addresses at "WireSpeed"...

http://www.bookpool.com/sm/0131475738

Schneier has often commented on what a tricky problem this can be...especially when the root servers are getting hit...

-Troy
