MIT Lincoln Laboratory has developed a Network Security Analysis application known as NetSPA to help identify potential avenues of attack in computer networks.
NetSPA (for Network Security Planning Architecture) uses information about networks and the individual machines and programs running on them to create a graph that shows how hackers could infiltrate them. Although system administrators can examine visualizations of the graph themselves to decide what action to take, NetSPA analyzes the graph and offers recommendations about how to quickly fix the most important weaknesses.
NetSPA relies on vulnerability scanners, such as Nessus, to identify known vulnerabilities in network-accessible programs that might allow an unauthorized person access to a machine. Fast-spreading worms, for instance, often take advantage of weaknesses in servers or operating systems to spread from one machine to another. But simply being aware of vulnerabilities is not sufficient; NetSPA also has to analyze complex firewall and router rules to determine which vulnerabilities can actually be reached and exploited by attackers and how attackers can spread through a network by jumping from one vulnerable host to another.
More from InfoSecPodcast.com.
