Research

CenSEARCHip

Search engines might be created with the intent to give all users equal access to the same information, but a Web site created by researchers at the Indiana University School of Informatics and the Advanced Network Management Lab (ANML) visualizes how some countries' censorship laws affect search results.

http://homer.informatics.indiana.edu/censearchip/

Hflow2

Hflow2 is a data coalescing tool for honeynet/network analysis. It allows the collection of data from a number of sources (snort, p0f, sebekd) into a unified cross-related data structure stored in a relational database. More information and downloads are available on the Hflow2 web pages, and a paper with a more detailed description is available here.

Honeynets/Honeypots

Through collaboration with the Honeynet Project we have developed a series of tools and technologies such as Sebek, Hflow and Walleye.

Unofficial patched versions of the latest Linux client for Sebek, for kernels 2.4 and 2.6, are below. These versions fix the following bugs:

Porcupine

The “Porcupine” is an experimental high performance device designed to support research into advanced wireless network management: http://porcupine.iu.edu/

Regional Optical Network Map

The ANML maintains and produces a map of facilities-based regional (and national) optical networks in the USA. For more information, visit the RON map's web site.

Tsunami

(Download Tsunami) New Version - 12/09/02:

  • Fixed race condition in thread handling
  • Numerous other improvements

Version - 10/23/02

Better IPv6 support. Better transcript file support.

Version - 10/15/02

Changes since last version:

  • Major reworking of the server code.
  • autoconf/automake - now installing is as simple as ./configure, make, make install.
  • Transcripts - "--transcript" when starting the server and/or "set transcript {yes|no}" as a client command line will turn on transcript generation for the session for later analysis.

Tsunami is an experimental high speed network file transfer protocol being developed by the ANML, designed to overcome some of the difficulties associated with using TCP over very high-speed, long distance networks.

You can download the source code for Tsunami here. Please note that this is EXPERIMENTAL code, and should be used at your own risk.

This software is released under an open source license; see the file LICENSE contained in the distribution for details.

If you have questions about Tsunami, contact Mark Meiss (mmeiss@indiana.edu)

Distributed Denial of Service Attacks (DDoS) Resources

Distributed Denial of Service Attacks (DDoS) have recently emerged as one of the most newsworthy, if not the greatest, weaknesses of the Internet. Combating distributed denial-of-service attacks is one of the most difficult network security problems. (View project)

IPv6 Home Page

Although several protocol suites (including Open System Interconnection) have been proposed over the years to replace IPv4, none have succeeded because of IPv4's large, and continually growing, installed base. (View project)

"Wargames" Training

"Wargames: An Exercise in Ethical Cracking" is a hands-on training method developed by Advanced Network Management Lab researchers to educate the higher education information technology security community.

Playing the role of network intruder, exercise participants learn concepts that can help them to make their own networks less vulnerable. The "game" format allows participants to gain a practical understanding of techniques employed by network intruders in a way that is fun and encourages retention of concepts.

"Wargames" training has been offered at several conferences and events catering to the higher education community, and was most recently offered at Security 2006: Educause & Internet2 Security Professionals Conference held in Denver, Colorado.

For more information on Wargames workshops please contact Advanced Network Management Lab Director, Steven Wallace (ssw@indiana.edu).


Copyright 2005, The Trustees of Indiana University