[unisog] Darknet tools

Brance Amussen :)_S brance at jhu.edu
Fri Nov 5 17:52:32 GMT 2004


looks like there is more than one definition of a "darknet"
http://rider.wharton.upenn.edu/~faulhabe/790/DarkNets.html
I am assuming of coarse that Jennifer is refering to the definition at
cymru.
B :)_S


-----Original Message-----
From: unisog-bounces at lists.sans.org
[mailto:unisog-bounces at lists.sans.org]On Behalf Of Peter Van Epp
Sent: Friday, November 05, 2004 12:24 PM
To: UNIversity Security Operations Group
Subject: Re: [unisog] Darknet tools


	Ah! I have a bunch of darknets (we just call them unallocated address
space) and didn't know what I should be calling them :-). A kind person
pointed me at http://www.cymru.com/Darknet/index.html. As others have
mentioned
argus on both of our links (outside all of our border filtering) sees all
sorts
of interesting attempts to do odd things to non existant addresses (as well
of course as our users doing undesirable things outbound until discouraged
...)
and has done so (if I go to tape and old argus versions) for the last 5
years
or so. My new netoptics regen taps will allow me (with a sufficiently
powerful
box and disks) to capture the complete packet if desired without impacting
the
argus capture (the volume is such that attempting to run tcpdump in parallel
with argus on the same machine causes packet loss).

Peter Van Epp / Operations and Technical Support
Simon Fraser University, Burnaby, B.C. Canada

On Thu, Nov 04, 2004 at 10:53:48PM -0500, Jennifer Tu wrote:
> As a project for a network security course at MIT, we have set up a
> darknet on an MIT subnet.  What tools have you used to parse, analyze,
> monitor, and visualize darknet data?  Do you have a darknet on your
> network?  What do you use it for?
>
> Jennifer Tu
> _______________________________________________
> unisog mailing list
> unisog at lists.sans.org
> http://www.dshield.org/mailman/listinfo/unisog
_______________________________________________
unisog mailing list
unisog at lists.sans.org
http://www.dshield.org/mailman/listinfo/unisog




More information about the unisog mailing list