You are here: silicon.com > Resources > White Papers > Networking and Communications > Network Management > Monitoring Systems

Monitoring Systems White Papers

On the Design and Use of Internet Sinks for Network Abuse Monitoring

Tags:
monitoring systems

Overview Monitoring unused or dark IP addresses offers opportunities to significantly improve and expand knowledge of abuse activity without many of the problems associated with typical network intrusion detection and firewall systems. This paper addresses the problem of designing and deploying a system for monitoring large unused address spaces such as class A telescopes with 16M IP addresses. The paper describes the architecture and implementation of the Internet Sink (iSink) system which measures packet traffic on unused IP addresses in an efficient, extensible and scalable fashion. In contrast to traditional intrusion detection systems or firewalls, iSink includes an active component that generates response packets to incoming traffic. This gives the iSink an important advantage in discriminating between different types of attacks (through examination of the response payloads).

Further White Paper Details
Publisher	University of Wisconsin	File Format	PDF
Date Published	February 2005
Format	White Papers
Topics	Monitoring Systems, Network Design

Did you find this white paper useful? 4 out of 7 users found this white paper useful

Logic of Logical rubbished

Zoning architecture will increase initial spend on IT, log traffic between zones generated by more firewalls and intrusion detection systems will quadruple. But Clifford added Logical has to be careful not to zone too much and cut the user off from...

Channel:
Security Strategy

Firewall sales to skyrocket, say analysts

Such a product would bring together many functions, such as virus protection, intrusion detection, virtual private networking (VPN), firewalls and content filtering. Business adoption of that tactic, plus sales to new customers, will expand the...

Channel:
Security Strategy

MSBlast worm outbreak 'infected 8 million PCs'

Typically, researchers try to estimate the size of a worm epidemic by collecting data from the records of network devices, such as firewalls and intrusion detection systems. I don't doubt [the new] number," said Johannes Ullrich, CTO for the...

Channel:
Security Strategy

Globix offers protection against brute force net attacks

We view intrusion detection systems as smart firewalls, so for the past nine months we've been working with Top Layer and other partners. Hosting services company Globix has turned to Top Layer Networks to offer intrusion detection to customers...

Cracked: The Great Firewall of China

Computer experts from the University of Cambridge claim not only to have breached the Great Firewall of China but to have found a way to use the firewall to launch denial of service attacks against specific IP addresses in the country.

How BI can help IT win over the board

Many companies might simply check the logs to ensure that no critical overloading occurred but with business intelligence tools, they could find out how much capacity was left unused on average across the entire range of servers.

Virtualisation: Architectual Considerations and other Evaluation Criteria

In the past several years, server virtualisation technology has moved quickly and firmly into the IT mainstream. Of the many approaches to system virtualisation available in the market today, VMware's hypervisor architecture has gained the greatest market acceptance. This paper examines the architectural issues, solution support, and enterprise readiness required when deploying such a virtualisation solution.

Publisher:
EMC

Getting Started with Master Data Management

Master data management forms part of an overall enterprise governance program that aims to establish trusted data throughout the enterprise. This white paper from Mike Ferguson of Intelligent Business Strategies defines master data, examines why it is needed, and explores methodologies for implementing master data management.

Publisher:
DataFlux

Optimising Storage with Global File Virtualisation

This white paper will provide an overview on how Rainfinity Global File Virtualisation virtualises unstructured data environments and moves data -including active, open files-without disruption to users or applications. Rainfinity is the only enterprise-class file virtualisation solution, and delivers complete NAS optimisation across geterogeneous environments, such as NAS, CAS, and file servers.

Publisher:
EMC

Also on silicon.com

Site Navigation:

Monitoring Systems White Papers

On the Design and Use of Internet Sinks for Network Abuse Monitoring

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific