We’ve long been proponents of active network analysis. For as long as I can remember, we’ve implemented it as part of most major network projects that we’ve done. The idea that if you find an issue early, it won’t become a major issue down the road is a pretty basic one – or so I thought.
Make sure that you’re consistently monitoring and analyzing the performance of your network. It should be a major part of your network security strategy. The money that you spend now will more than pay for itself in the future.
Credit: Justin
Network traffic analysis should be used more in the fight against malware. That’s because pointers show up on the network “weeks and even months” in advance of new malicious software being uncovered, scientists from the Georgia Institute of Technology explain in an article on the school’s website.
The researchers, who have been studying historic network traffic patterns, say the latest malware tracking should take advantage of inherent network-supplied barometers and stop simply focusing on trying to identify malware code already on networks and machines. By analyzing already-available, suspicious network traffic created by the hackers over a period of time, administrators will be able to pounce and render malware harmless before it can perform damage.
“You know you are sick when you have a fever, before you know exactly what’s causing it,” says Manos Antonakakis, an assistant professor in the School of Electrical and Computer Engineering at Georgia Tech. “The first thing the adversary does is set up a presence on the internet, and that first signal can indicate an infection.”
For example, registering domains is something hackers do and consequently can be tracked. So, by acting on that first sign of a potential infection—a dodgy domain […]