Dynamic Network Mapping (PBNJ + Nmap)

Date and Time

Wednesday, January 17, 2007 from 6:30 pm to 9:00 pm

Location

MIT Building E-51, Room 372

Presenters

Josh Abraham , Northeastern University - jabra ccs neu edu

Summary

An overview of existing network mapping tools and limitations, including a discussion of dynamic network mapping

Abstract

Session from LinuxWorld Expo San Fran, Aug 2006: This presentation will first cover existing network mapping tools along with their limitations. Then I describe our proposed new technique for handling the information from network mapping scans. This information is first stored in a database. Using this technique one is able to extract the information that is most useful about the machines that have been scanned through standard database queries. For example, monitoring services availability and temporal changes becomes straightforward. We come to the conclusion that using such a technique leads to a more effective method of network scanning.

Bio

Joshua Abraham is a 4th year Computer Science student at Northeastern University, where he has been doing research on Network Mapping tools. Joshua also works with the Volunteer System Group, where he is one of the Administrators of the Linux Project. He was in charge of the Intrusion Detection System and network monitoring at "Capture the Flag", the Volunteer Group's security contest this year. He has also worked as an IT Security Professional. Joshua works on many other projects, one of which is PBNJ, a network scanning suite connected to his current research. In his spare time, Joshua codes, tests, and generally researches many different aspects of the security field. He has written numerous howto's and other forms of documentation for popular security tools, like Snort, and FreeBSD. He has also given presentations regarding UNIX security.