|
|
 |
| |
|
|
| Anviss Global Sensor Grid |
|
|
|
| |
OVERVIEW
The ANVISS Global Sensor Grid (GSG) is the nervous system of the ANVISS operating environment.
The GSG performs a variety of intelligence collecting at the request of ANVISS users. When an
ANVISS user needs additional information regarding an IP address or an IRC nick-name, that request for
information is sent up to the GSG for queuing and processing.
For example; let’s say that you are interested in a certain IRC nic-name. Simple tell the GSG the
IRC network, channel and nic-name and off it goes. The GSG assigns a sensor node to join the channel
and watch for the nic-name. Once the node is in, it logs all the other users in the channel by their
nic-name and IP address. If the targeted user joins the channel, the node makes note. Once the
targeted user joins the channel, the node queries the IRC server for a list of all other channels the
target has also joined. Finally, the node joins those channels and begins building a social network
map of the channel members and chat traffic.
|
| |
| FLUID INTEGRATION and FLUX |
The GSG is managed and owned by ANVISS. The end-user never directly interacts with
the GSG, thus reducing the likelihood of tracing back intelligence gathering activity to the ANVISS user. In this manner,
nodes can be turned off or ‘darkened’ while other nodes are ‘lightened’ or brought online.
With a large global collection of dark and light sensors, the total grid-space is ever fluid and dynamic. Over time,
the entire IP address space represented by the GSG will change and fluctuate. The dynamics of the GSG will make targeting
and mapping by third parties difficult and time consuming. Furthermore, the fluidity of the GSG helps ensure that in the
event of a node compromise, the overall integrity of the grid remains intact.
|
| |
| EXTENDING THE EYES OF THE OPERATOR
|
The GSG functions as extensions of your network. With current network designs, you are
limited to trend and attack data only as it relates to your network. The GSG changes everything. If you have IP addresses
that are sending questionable traffic to your network, use the GSG to look farther than you ever have. How do you know if
the malicious traffic you see is part of the overall white-noise of the Internet? Use the GSG to watch for traffic from ‘hot’
or suspect IP’s. This will help determine what, if any, additional targets the suspect IP is working.
|
| |
| THE POWER OF THE GRID
|
Hackers and offensive operators use IRC botnets to hide their tracks and give them a range of
systems to attack and recon from. Using less malicious technology, the GSG leverages the same model, but for the ‘good-guys’.
After all, it takes a network to fight a network.
|
| |
|
|
|
|
|
|
|
|
|