Advertisement
Promo

Security threats Toolkit

Undercover darknets cracking crime

Jonathan Yarden

Published: 23 Nov 2005 17:00 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

In nature, vigilance and intelligence are essential for the survival of any species. The ability to communicate information quickly and uniformly, particularly threats, is often the difference between evolution and extinction.

Survival also depends on the ability to respond appropriately to a detected threat. The faster you can identify the location and intent of a possible threat, the faster you can choose a response. IDSs act as a form of network "radar", but they generally only benefit specific networks.

As the importance and use of the Internet increases, rapid identification of threats at a global level becomes even more vital. Better advance warning benefits the entire Internet, and this is where darknets and network telescopes come into play.

These terms describe both a concept and actual tool used for sounding early warning of Internet threats. By detecting port scanning activity early, it's possible to gain valuable information about a threat before it becomes widespread.

A darknet is basically a "dark" network, an area of routed IP address space that has few or no valid services or hosts. By default, you can consider any traffic entering a darknet from any source as hostile (except, of course, traffic you specifically know about).

The larger the IP address space, the better the darknet can monitor potential sources of malicious Internet traffic. If you configure a darknet with public Internet address space, you can use it to monitor malicious activity on the Internet itself. However, due to the limitations of public Internet address space, only organisations such as the CAIDA and universities involved in Internet research generally set up darknets on public Internet space.

But you still have options on a private IP network. You can use a darknet to track internal network activity indicative of an internal host compromise or worm. Darknets aren't difficult to set up — just take a large...

For more, click here... 

Next

Previous

1 2


  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
112 out of 247 people found this useful


In association with HP

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:








Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

McKinnon lawyers seek judicial review

Lawyers seeking a judicial review for Nasa hacker Gary McKinnon lodged fresh evidence of his psychiatric state at the High Court on Thursday. Karen Todner, McKinnon's solicitor,... More

1 comment

Beware of keeping your head in the clo...

Information security professionals can look forward to a deepening appreciation for their skills as security continues to be recognised as an essential element for doing business in... More

1 comment

Civil liberties groups attack file-sha...

Civil liberties and digital rights organisations have strongly criticised Lord Mandelson's Digital Economy Bill. Liberty said in a position paper on Tuesday that the bill, part of... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters