If you ask, they will build it. A little different than the quote I had in mind from Field of Dreams. Still, interesting article.

From Computer World:

Start-up Packet Analytics Corp. on Monday announced a tool for searching aggregated log data to analyze traffic activity between IP-based host computers.

Net/FSE, which stands for Network Forensic Search Engine, is Linux-based server software that provides a Web interface for network managers to easily see an analytical profile of host-to-host activity based on NetFlow router data as well as log information related to the organization’s firewall, intrusion-detection systems and security information management. (Learn more about Security Information Management products from our Security Information Management Buyer’s Guide.)

The Net/FSE tool was developed at Los Alamos National Laboratory by Packet Analysis co-founders Ben Uphoff and Paul Criscuolo, both former technical staff members at the lab.

“If an enterprise already has centralized logging, we can start directly searching that, and we can also act as the data-aggregation point,” said Uphoff, vice president of research, about Net/FSE.

Read on.
