Initial software release

24 August 2010

Our free/open-source visual network traffic monitoring software is now available for download at www.eqnets.com. A video of our enterprise system in action and technical documents detailing our approaches to traffic analysis, real-time interactive visualization and alerting are also available there.

Besides a zero-cost download option, we are also offering Linux-oriented installation media for under $100 and an enterprise version of our system with premium features such as configurable automatic alerting, nonlinear replay, and a 3D traffic display.

Discounts—including installation media for a nominal shipping and handling fee—are available to institutional researchers or in exchange for extensions to our platform.

The software can run in its entirely on a dedicated x86 workstation with four or more cores and a network tap, though our system supports distributed hardware configurations. An average graphics card is sufficient to operate the visualization engine.

Thanks and enjoy!

Leave a Comment » | Communications security, Equilibrium Networks, Security | Permalink
Posted by eqnets

Random bits

1 June 2010

There’s been some buzz (see here and here) over the deputy SECDEF’s comments last week:

“Individual users who do not want to enroll could stay in the ‘wild, wild west’ of the unprotected internet…I think it’s gonna have to be voluntary…People could opt into protection – or choose to stay out. Individual users may well choose to stay out…But it’s the vulnerability of certain critical infrastructure – power, transportation, finance. This starts to give you an angle at doing that.”

The idea that deploying Einstein more widely is anything more than a step towards a government-sponsored security monoculture escapes me. There is no way that this will get any real traction because it’s not like the USG can credibly claim that its own networks are secure. If Einstein is free, then companies might use it. But that’s about as far as that goes.

Other stuff:

“the vast majority of vulnerabilities, both client-side and server-side, are being sold for less than $5,000″

Point: “some of the most alluring approaches to assuring information security [and] why they fail to make a difference to regular users and businesses alike”

Counterpoint: “blaming security engineering for the impact of targeted attacks is a herring as red as they come”

Leave a Comment » | Communications security, Random bits | Permalink
Posted by eqnets

Random bits

19 May 2010

“like-sign dimuon charge asymmetry…in disagreement with the prediction of the standard model by 3.2 standard deviations”

OK, now VMs are totally safe! No need to worry about escape attacks or rootkits…but seriously, it’s good that not everyone takes hypervisor security for granted.

“there is now a significant body of work showing how to break conventional quantum cryptography systems based on various practical weaknesses in the way they are set up…while the known loopholes can be papered over, it’s the unknown ones that represent threats in the future…[researchers have shown that it's easy] with a little malicious intent to bend the assumptions behind perfect quantum cryptography.”

Leave a Comment » | Communications security, Networks, Random bits, Science, Security | Permalink
Posted by eqnets

Random bits

7 May 2010

Principles of Robust Timing Over the Internet

“[An IPv4 address space] black market already exists, albeit on a small scale…[currently] IPv4 addresses are still relatively easy to get…[some believe] that regional registries such as ARIN should head off a potentially deleterious black market by creating a “white market” with established rules for trading IPv4 addresses at market-established costs…But the opportunity to cleanly switch from IPv4 to IPv6 passed many years ago. The current transition strategy, called “dual stack,” requires businesses to remain connected to both IPv4 and IPv6 networks until most of the Internet gets to “the other side” — a process expected to take at least five years.”

“Frosted windows may never be private again”

“a fundamental limit to the level of privacy that is possible when social networks are mined for recommendations”

“The 605-page [NSA IAD] PDF document reads like a listing of the pros and cons for a huge array of defensive and counterintelligence approaches and technologies that an entity might adopt in defending its networks…[one] section delves into the challenges of attributing the true origin(s) of a computer network attack”

Leave a Comment » | Communications security, Mathematics, Networks, Random bits, Science, Security | Permalink
Posted by eqnets

Random bits

30 April 2010

“Who can do a better job of protecting us from cyberthreats: private companies like Google, or Uncle Sam?”

Cyberwings. That’ll raise morale. Or not.

Computer security on the Death Star was a joke

Leave a Comment » | Communications security, Random bits | Permalink
Posted by eqnets

Random bits

23 April 2010

“in [Richard Clarke's] Cyberwar, like in real war, truth is the first casualty”

Cyberdeterrence through tattlling? This is ridiculous. Not bloody likely that will work against serious hackers. And not bloody likely that it would be done in cases where potentially state-sponsored hackers were caught.

Cybersecurity and National Policy

Leave a Comment » | Commentary, Communications security, Random bits | Permalink
Posted by eqnets

Random bits

5 April 2010

“A low-complexity approach for reconstructing average packet arrival rates and instantaneous packet counts at a router in a communication network, where the arrivals of packets in each flow follow a Poisson process”

“It’s safe to say that when someone pays that much for a bug, they’re not going to tell the vendor to patch it.”

“Regulation is not the primary driver for new technology, new investment, or new training; the threats are”

Protecting Europe against large-scale cyber attacks

Would you have spotted this ATM skimmer?

DoE and power grid security

Leave a Comment » | Communications security, Mathematics, Networks, Random bits | Permalink
Posted by eqnets

Equilibrium Networks beta

19 March 2010

Our visual network traffic monitoring software (for background information, see our website) has successfully passed our internal tests, so we are packaging a Linux-oriented beta distribution that is planned for snail-mailing (no downloads–sorry, but export regulations still apply) on a limited basis before the end of the month. The beta includes premium features that will not be available with our planned free/open-source distribution later this year, but at this early stage we will be happy to provide a special license free of charge to a limited number of qualifying US organizations.

Participants in our beta program will be expected to provide timely and useful feedback on the software, e.g.

•    filling perceived gaps in documentation
•    proposing and/or implementing improvements
•    making feature requests or providing constructive criticism
•    providing testimonial blurbs or case studies
•    etc.

The software should be able to run in its entirely on a dedicated x86 workstation with four or more cores and a network tap (though you may prefer to try out distributed hardware configurations). If your organization is interested in participating in our beta program, please include a sentence or two describing your anticipated use of this visual network traffic monitoring software along with your organizational background, POC and a physical address in an email to beta [at our domain name]. DVDs will only be mailed once you’ve accepted the EULA. Bear in mind that beta slots are limited. Enjoy!

Leave a Comment » | Communications security, Equilibrium Networks, Nonrandom bits | Permalink
Posted by eqnets

Random bits

15 March 2010

“I do believe NSA is still ahead, but not by much — a handful of years”

“[A researcher] gave a talk on his then current project to prove a certain OS kernel was secure…they hoped in two years to have a proof of the OS’s correctness. What struck me during his talk was he could write down on the board, a [formula that] captured the notion of data security: if a certain function f had this property, then he would be able to assert his OS could not leak any information…At the end of his talk I asked him if he wanted a proof now that his function f satisfied the formula. He looked at me puzzled, as did everyone else. He pointed out his f was defined by his OS, so how could I possibly prove it satisfied his formula—the f was thousands of lines of code. He added they were working hard on proving this formula, and hoped to have a full proof in the next 24 months…I walked to the board and wrote out a short set theory proof to back up my claim—any f had his property…I thought he would be shocked. I thought he might be upset, or even embarrassed his formula was meaningless. He was not at all. [He] just said they would have to find another formula to prove.”

“it’s possible to focus light through opaque materials and detect objects hidden behind them, provided you know enough about the material”

Leave a Comment » | Communications security, Random bits, Science, Security | Permalink
Posted by eqnets

Random bits

4 March 2010

Narus develops a scary sleuth for social media

An invisible quantum tripwire

Aspects of CNCI declassified

IPv6 thoughts from Arbor

“Hackers who breached Google and other companies in January targeted source-code management systems”

Leave a Comment » | Communications security, Networks, Random bits, Science, Security | Permalink
Posted by eqnets

« Previous Entries