Sunday, June 3, 2012

HoNe - Running Process Cyber Attack Sensor

June 3, 2012 | Robert Cazares

I found this noteworthy and worth coming back to for further investigation into using this tool.

Hone is a unique open source tool developed by Pacific Northwest National Laboratory for correlating packets to processes to bridge the HOst-NEtwork divide. It is designed to determine which applications are communicating with the external network by correlating packets to the responsible processes on Linux systems, and to help diagnose connections by adding process information.

Available for Linux kernels 2.6.32 and later.
Windows 7, Windows XP and MacOS X versions are planned.

Pacific Northwest National Laboratory Creates New Sensor To Stop Attackers In Their Tracks

Apr 11, 2012 | 05:06 PM

RICHLAND, Wash. - The good guys have a new, innovative tool to help them identify and understand cyber attacks.

Developed by a researcher at the Department of Energy’s Pacific Northwest National Laboratory, the new Hone cyber sensor determines how network activity on a computer is related to an application such as Internet Explorer or any running process. Finding these relationships enables cyber security experts to more quickly identify a potential problem and dissect how it works.

Full story is here:

HoNe project at github can be found here:
