Inside Symantec's 'Security Center'
dipfan writes "There's a fascinating view looking at Symantec's Virginia security centre, where the company defends its corporate clients' networks against those wicked hackers. Scary quote from the Washington Post article: 'The Alexandria facility is a private, miniature version of the kind of public Internet-monitoring capability the Bush administration wants the federal government to develop to protect the nation's electronic infrastructure.'"
Well, if you were trying to stay one step ahead of the people breaking into systems, wouldn't you have a network with a bunch of honeypots and as much logging as you could manage?
This is basic network security practice, no?
Every five minutes or so, a giant, illuminated globe appears on the central screen and starts to rotate, displaying the locations worldwide where hackers are launching the most attacks.
Yep.. most of it is New York, and most of the hits they are aiming for are that giant flashing thing on the rotating illuminated globe labeled "The Gibson".
Then all the Symantec people skateboard around listening to Orbital.
maeryk
Feminine Protection? What is that? A chartreuse flame thrower?
The best corporate security policy starts by not boasting about the security procedures. Not for security by obscurity, but simply not to boast and make oneself a target for crackers.
Bush administration wants the federal government to develop to protect the nation's electronic infrastructure
It would be a tragedy should the terrorists win, destroy all the porn sites on the Internet. They think the US was pissed off with 9-11? Wait until we have no porn... They won't have a chance!
Tournament Management Online &
That's Nagios they have running up on the big screen in the picture of the center. As a side note, NTT/Verio uses Nagios for a lot of its monitoring as well. Their command centers always have at least one Nagios view up.
Sitting in a raised, rotating cubicle with built-in computer monitors and its own heat and light controls, Smishko pores over logs
I'm astounded. I want a rotating cubicle. With a big knob marked 'angular velocity'. In radians per second.
try { do() || do_not(); } catch (JediException err) { yoda(err); }
I rented Tom Clancy's Netforce DVD not too long ago. It had a fictional depiction of a government Internet security monitoring task force and command center similar to what the Bush administration wants to create and what's pictured in the Symantec article. The story was set around the year 2005, and they even mentioned that it was "after the second gulf war" - very prophetic indeed.
Why not include all of what you're quoting?
'Big numbers are par for the course at the Alexandria center, where analysts detect more than 15,000 discrete "security events" against Symantec's clients every day. About 4,000 are deemed real hacker attacks after further analysis, company officials said.'
Intrusion detection systems often return a fair number of false positive hits. All they're saying here is that their system returns 16,000 positive results, a little over 25% of which are actually cause for concern.
"Symantec Corporation" is an anagram of "motto: conspiracy near"
Modest doubt is called the beacon of the wise. - William Shakespeare
The Post also has a video (real) up with interviews and some views inside the building.
Web page
http://www.washingtonpost.com/wp-srv/mmedia/washtech/010603-20v.htm
Direct Link
http://mfile.akamai.com/920/rm/thepost.download.akamai.com/920/washtech/010603-20v.ram
So close and yet so far from the world's perfect ID number
That got me thinking. How do they distinguish between real attacks and network admins testing things? If I decide to ping my home machine from work until it screams for mercy, does that show up on their map?
Despite killing any credibility you had by using the word 'virii', you might be interested in:
Linux/Slapper
Linux/Etap
or any of the host of others (those are the most interesting in my eyes). But seriously, what is it with people saying that Linux is somehow invincible when it comes to viruses? An unpatched Windows box is no less secure than almost any unpatched BSD or Linux distro from six months ago (see: OpenSSH vulnerabilities).
There's a great article about weenies who seem to think that their click-and-drool Mandrake install is somehow impenetrable here:
http://www.virusbtn.com/magazine/archives/200209/linux_malware.xml
Score:-1, Funny
This is a strong commentary on why you should use encryption all the time:
If data is transmitted, she can see that, too -- and not only when it is moved by outsiders. Symantec has caught insiders improperly sending pre-merger details and pre-earnings data and has reported those findings to the employees' bosses.
Of course, where I'm employed, it is company policy that you can be terminated on the spot if you use encryption (for example, encrypting your email or files - I wonder if this applies to using a compression algorithm which sort of encrypts it. Or if you compress files and lock them with a password).
22:30 Universal Time, Symantec Security Central, Alexandria, Virginia...
Techie 1: "We're seeing massive traffic going into Washington.. it looks like an attack is happening."
Techie 2: "Uh oh.. prepare anti-ddos measures. Where is it coming from?"
Techie 1: "All over the world.. hmm, wait.. oh my god, most of it is coming from the US itself!! This is bad.. I'm tapping into their communication.."
Techie 2: "What can you see?"
Techie 1: "I can see some words, but they're not complete.."
The screen blinks, the words "f.rs..p.st! Ea..ho. .gr.ts!.!" can be seen..
What time is it/will be over there? Check with my iPhone app!
Poetic Technologies makes the rotating cubicle that they are using.
Looks like they are using the full-featured Aura model. Yes, we should all have one.
All the blackhats will voluntarily label their packets as blackhat attacks so firewalls can drop them.
They make it sound very Gibson-esque in there. But it's not clear what these people are actually doing (except raking in millions of dollars). They have fancy displays and lots of data mining, packet sniffing and tracing technology and they're preventing... What? Well, nobody really knows.
Smoke and mirrors. Meanwhile you're being pumped for thousands a month. The price is quoted right in the article. A couple thousand a month seems reasonable. After all those Bulgarian hackers are vicious!
If you're interested in that then let me tell you about my company.
I've started a ghost-busting business. Using specially developed anti-ghost technology I am able to monitor minor disturbances along the walls of your house. From my Central Office of New Ghost Activity Monitoring Equipment I have been detecting thousands of intrusions each day! With the patented Spectral Tracking Universal Psychic Intrusion Detector, I can see all over the world and into the cosmos to detect super-natural invasions even before they occur.
Ah! Even as we speak a spectral invasion fleet masses in Zaire to invade your kitchen!
SweatyB
It breaks my pluginses, my precious!