分享

更多

   

盘点全球网络攻击实时追踪系统

2015-01-21  mtjs


Who’s Attacking Whom? Realtime Attack Trackers

Posted on   |  by  Brian Krebs


攻击数据从何而来?

这是一些很形象、生动、有趣的攻击可视化记录。所有在地图上展示的大数据都是来自真实的生活目标、“蜜罐”和安全公司部署的“诱饵系统”收集的数据,其中有攻击来源、攻击方式以及攻击频率。

此外,地图中显示破坏系统的“攻击方”组织通常是从别的某个地方发起的,也就是说你所看到的“攻击源”很可能只是攻击者的一个攻击“跳板”,并非真实发起地,真正幕后攻击者会用多重伪造技术,隐藏的很深。

FireEye公司“网络威胁地图”

直接上图,下面的“网络威胁地图”讲述的就是一个真实故事,是FireEye曾透露的某黑客组织对零售商和它们的信用卡系统发起的网络攻击!此时你脑海会想起什么呢?一定会想起洲际导弹导弹!没错,还记得1984年的《战争游戏》中出现的北美防空司令部的监视器画面吗?!地图上并没有太多的原始数据,但是看起来的确很有趣有木有!

FireEye的“网络威胁地图”

穿越:https://www.fireeye.com/cyber-map/threat-map.html

挪威公司的IPViking地图:Eye candy-addictive

下面一幅来自挪威公司的IPViking地图更有炫酷了,它包含每个相关攻击的丰富数据,比如攻击组织名称网络地址攻击目标所在城市、被攻击的服务器。还列举出最容易受攻击的国家,和最喜欢发起攻击的国家(细心的读者会发现,天朝与米国常常各登榜首,小编想这并不公平,或许另有目的…)

挪威的IPViking攻击地图:Eye candy-addictive

穿越:http://map.ipviking.com/

来自Arbor Networks由全球270个ISPs匿名分享流量的“数字攻击地图”

另一个有趣的,包含大量攻击信息的追踪系统当属Arbor Networks的“数字攻击地图”。地图中的数据来源于美联储,其中的网络攻击流量都是由全球270多个ISP客户统计并同意匿名分享的。这个服务提供商可真是提供了真正实用的服务啊,因为它可以帮你及时追查先前的网络攻击,最早可追溯到2013年的6月!

来自Arbor networks的由全球270个ISPs匿名分享流量的“数字攻击地图”

穿越:http://www.digitalattackmap.com/

最像视频游戏的卡巴斯基(Kaspersky)“网络实时地图”

卡巴斯基的“网络实时地图”还有更好玩的地方,与其他系统相比,它最像一个交互式视频游戏了。你所看到的千变万化的数据是由卡巴斯基实验室各种扫描服务器提供的,因此,这也具有了一定灵活性,你可以布局自定义扫描,过滤某些恶意威胁,如E-mail恶意软件,Web site攻击、漏洞扫描等等。

最像视频游戏的卡巴斯基(Kaspersky)的“网络实时地图”

穿越:https://cybermap.kaspersky.com/

Anubis Networks的Cyberfeed带你巡视全球恶意软件感染现状

它使用类似谷歌地球的表现形式,地图数据是来自已知的著名恶软件家族,它展示更多是恶意软件感染地图,而不像网络攻击地图,也不是十分互动的。在这一方面,它很像芬兰公司的f-secure,趋势科技的“全球僵尸网络威胁活动地图”和Team Cymru的“网络恶意活动地图”(下面都有介绍)。

Anubis Networks的Cyberfeed带你进行巡视全球的恶意软件感染现状

穿越:https://www.anubisnetworks.com/products/threat-intelligence/

Team Cymru的“网络恶意活动地图”

这张地图也有电影版本的,你可以下载下面的格式:

H.264/MPEG-4 (~2MB)
Windows Media (~7MB)
MPEG-2 (~2MB)

电影版本连同下面的图片每天都更新。

穿越:http://www.team-cymru.org/Monitoring/Malevolence/maps.html
电影版本:http://www.team-cymru.org/visualizations/compromised_map/recent.wmv

趋势科技“全球僵尸网络威胁活动地图”

穿越:http://apac.trendmicro.com/apac/security-intelligence/current-threat-activity/global-botnet-map/

蜜网项目(Honeynet Project)“蜜蜂地图(Honey Map)”

蜜网项目(Honeynet Project)的“蜜蜂地图”,它看起来不是超级"性感",但是它的实时威胁蜜罐系统的里含有相当数量的有用信息,其中就包含Virustotal对每一个威胁和攻击中恶意软件分析的链接。

蜜网项目(Honeynet Project)的“蜜蜂地图(Honey Map)”

穿越:http://map.honeynet.org/

OpenDNS实验室作品

此外再加一个OpenDNS实验伙伴们“绘制”的一个图文并茂的网络攻击追踪地图。

OpenDNS全球网络概览

穿越:http://labs.opendns.com/global-network/

Nexusguard Hubble更闪亮

闪亮动态地图From hubble.nexusguard.com

穿越:http://hubble.nexusguard.com/

[参考信息来源Here,由FreeBuf小编/凌晨几度i编辑,转载须注明来自FreeBuf黑客与极客专栏文章


About the Author

Brian Krebs worked as a reporter for The Washington Post from 1995 to 2009, authoring more than 1,300 blog posts for the Security Fix blog, as well as hundreds of stories for washingtonpost.com and The Washington Post newspaper, including eight front-page stories in the dead-tree edition and a Post Magazine cover piece on botnet operators. He was recently profiled in The New York TimesBusiness Weekand by Poynter.org.

Credit: Kristof Clerix

Credit: Kristof Clerix

But you didn’t really want to read my résumé, did you? What most people want to know is how I got into computer security, and whether I have a technical background in the field.

The short answer is “by accident,” and “no,” respectively. I earned a Bachelor of Arts in International Studies from George Mason University in 1994, and at the time I wasn’t much interested in computers, although I had programmed a bit on an Apple II and spent quite a bit of time visiting online bulletin boards as a kid.

It wasn’t until 2001 — when my entire home network was overrun by a Chinese hacking group — that I became intensely interested in computer security. I had been monkeying with a default installation of Red Hat Linux (6.2) on an old Hewlett-Packard system, because for some reason I had it in my head that it would be fun to teach myself how to turn the spare computer into an oversized firewall [ah, the irony]. That is, until the Lion Wormcame around and locked me out of my system. Twice.

After that incident, I decided to learn as much as I could about computer and Internet security, and read most everything on the subject that I could get my hands on at the time. It’s an obsession that hasn’t let up.

Much of my knowledge about computers and Internet security comes from having cultivated regular and direct access to some of the smartest and most clueful geeks on the planet. The rest I think probably comes from a willingness to take risks, make mistakes, and learn from them.

I am 41 years old, and live with my wife Jennifer in Northern Virginia. When I’m not at the computer, I most often spend my free time reading, writing, cooking, gardening, studying Russian and playing guitar. I also enjoy corresponding with readers, so shoot me a note and tell me what you think of the blog.


    本站是提供个人知识管理的网络存储空间,所有内容均由用户发布,不代表本站观点。如发现有害或侵权内容,请点击这里 或 拨打24小时举报电话:4000070609 与我们联系。

    来自: mtjs > 《2015》

    猜你喜欢

    0条评论

    发表

    类似文章
    喜欢该文的人也喜欢 更多