BOEING MEETING
December 2, 1998
2:00 – 3:00
1131 ENG II
In attendance:
David Klotz (DK), Jeff Rowe (JR), Jason Schatz (JS) and Chris Wee (CW)
TOPICS
Presentation for Boeing Meeting in Seattle on Friday, December
4th
Topology Interface
Mapping of Attacks to Responses
LINUX Attack Strips
Design Plan Response Engine
-
Presentation for Boeing Meeting in Seattle
-
Topology Interface
-
JR: Lawrence is worried about the interface. He’s visioning a policy projector
that will feed us number, so we will be doing cost cutting connection down
to Port 25, for example
 |
|
PORT 25
|
A
|
B
|
C
|
|
A
|
0
|
1
|
0
|
|
B
|
2
|
0
|
3
|
|
C
|
2
|
4
|
5
|
|
-
JR: Lawrence also thinks that Chris Wee is working on the policy projector.
-
Topology – do our search, find cheapest cost and value of connectivity
of hosts
-
JR: Topology interface – give every host connected to every router IDIP
abstraction
-
DK: Underlying goal may be to have everything IDIP enabled.
-
JR: Figure out what IDIP network looks like using raw network typology
-
Mapping of Attacks to Responses
-
JR: This has already been fleshed out.
-
DK: SYN-KILL by January?
-
JR: Dependent on if we do Host-based response.
-
LINUX Attack Strips – counter attacks – automated or other
-
CW: Who’s LINUX box can we attack? (Ricardo’s)
-
JS: Jason will write 1-2 page Design Plan Response Engine
-
Inputs
-
Take Topology Conversion, list of strings corresponding to attack, develop
connection value matrices
-
Raw Configuration Input
-
Costs
-
Attack Configuration
-
List of actual strings with ID
-
Function that takes attack string and parameters, converts to connections
that will be lost
-
Generate Responses
-
Output Rule directed at Specific Router
-
JR: Jeff will write up typologies and how they will work.
-
Chris Wee talks to David O’Brien abo