subject: (Fwd) Announcing a global view on Internet events: ATLAS posted: Thu, 15 Feb 2007 21:52:29 -0000
------- Forwarded message follows -------
Date sent: Tue, 6 Feb 2007 11:10:33 -0500 (EST)
From: Jose Nazario <[email protected]>
To: [email protected]
Subject: Announcing a global view on Internet events: ATLAS
[ Double-click this line for list subscription options ]
Yesterday, Arbor Networks launched the public portal for our ATLAS
project, a product of my team (ASERT) and something near and dear to
my heart. As an incident and threat analyst, I have cobbled together
tools and utilities for discovering what's afoot on the Internet in
near real-time for years, so a lot of my ideas and needs went into
this. ATLAS is something I use every day to investigate incidents and
gather data via packet capture, payload analysis, and honeypots. You
can find the free, public site here:
Registration isn't required, that's focusing mainly on commercial
customers. Public users get access to the portal for free, and we
plan to keep it that way.
The goal is to find out information about incidents that we know
about and also to discover what is likely to happen in the near term.
An example would be scans and attacks for a newly disclosed
vulnerability.
We built ATLAS using a combination of tools we've built and used in
the past to capture and distill scan traffic, lightweight honeypots
for insights into what's going on, and attack characterizations. As
this project progresses we'll be gathering more information and
sharing it with the community, we hope that you stay tuned.
The public portal is targeted at people with needs similar to my own
as an analyst, and it's designed to give you a simple, high impact
view of the Internet:
- entity reports about countries, ASNs and hosts launching attacks,
distilling their activities into usable data
- vulnerability and attack reports showing you background info and
attack data
- service reports showing you vulnerabilities and attacks, as well as
activity sources
- news and analysis
It's designed to put relevant information on the page in front of you
when you need it most and is inspired by intelligence tools from
similar fields.
We launched it to help the analyst community, and in the coming weeks
and months we'll be adding features such as community forums so that
everyone can participate, more data sources, and more features. We
hope you find it as useful as we have, and welcome your feedback and
use of the site.
