Linux Today: Linux News On Internet Time.

DOE Lab Releases Open Source Attack Intelligence Tool

Apr 18, 2012, 12:02
(Other stories by Kelly Jackson Higgins)

"The so-called Hone tool is basically a host-based sensor that automatically pinpoints which applications or processes infected machines and an external network are using to communicate. So it could help determine the specific app used between a bot and its command and control, or between an infected machine and the attacker trying to siphon information or intellectual property.

"PNNL, which was the victim of consecutive targeted attacks last summer, is test-running Hone along with its homegrown visualization technology. The open-source Hone code is available to the public, and its creator Glenn Fink hopes the community will then share any extensions to the tool as well in the public domain. It's currently available for Linux, and the lab is also working on Windows 7 and Mac OS X versions as well."
