MIT Working On Network Vulnerability Analysis

[Steve]

An anonymous reader writes "Researchers at MIT have created a method for analyzing networks to detect exploitable vulnerabilities using attack graph analysis which can be done in near real time. The new Lincoln Labs tool will allow admins of large networks to detect their most vulnerable areas and also model zero day attacks. 'NetSPA (for Network Security Planning Architecture) uses information about networks and the individual machines and programs running on them to create a graph that shows how hackers could infiltrate them. System administrators can examine visualizations of the graph themselves to decide what action to take, but NetSPA also analyzes the graph and offers recommendations about how to quickly fix the most important weaknesses. NetSPA relies on vulnerability scanners to identify known weaknesses in network-accessible programs that might allow an unauthorized person access to a machine. But simply being aware of vulnerabilities is not sufficient; NetSPA also has to analyze complex firewall and router rules to determine which vulnerabilities can actually be reached and exploited by attackers and how attackers can spread through a network by jumping from one vulnerable host to another.'"http://slashdot.org/slashdot-it.pl?f...8/08/29/208224
Read more of this story at Slashdot.
http://rss.slashdot.org/~a/Slashdot/slashdot?i=DjFtce


More...