RALPH » Network Mapping

Presenter: Josh Abraham
Presentation date: March 15th, 2006

Proposal

This presentation will first cover existing network mapping tools along with their limitations. Then I describe our proposed new technique for handling the information from network mapping scans. This information is first stored in a database. Using this technique one is able to extract the information that is most useful about the machines that have been scanned through standard database queries. For example, monitoring services availability and temporal changes becomes straightforward. We come to the conclusion that using such a technique leads to a more effective method of network scanning.

Joshua Abraham is a 3rd year Computer Science student at Northeastern University, where he has been doing research on Network Mapping tools. Joshua also works with the Volunteer System Group, where he is one of the Administrators of the Linux Project. He was in charge of the Intrusion Detection System and network monitoring at "Capture the Flag", the Volunteer Group's security contest this year. He has also worked as an IT Security Professional. Joshua works on many other projects, one of which is PB'NJ, a network scanning suite connected to his current research.

In his spare time, Joshua codes, tests, and generally researches many different aspects of the security field. He has written numerous howto's and other forms of documentation for popular security tools, like Snort, and FreeBSD. He has also given presentations regarding UNIX security.