NetState : a network version tracking system.
Network administrators and security analysts often do not know what network services are being run in every corner of their networks. If they do have a vague grasp of the services running on their networks, they often do not know what specific versions of those services are running. Actively scanning for services and versions does not always yield complete results, and patch and service management, therefore, suffer. We present Net-State, a system for monitoring, storing, and reporting application and operating system version information for a network. NetState gives security and network administrators the ability to know what is running on their networks while allowing for user-managed machines and complex host configurations. Our architecture uses distributed modules to collect network information and a centralized server that stores and issues reports on that collected version information. We discuss some of the challenges to building and operating NetState as well as the legal issues surrounding the promiscuous capture of network data. We conclude that this tool can solve some key problems in network management and has a wide range of possibilities for future uses.
- Research Organization:
- Sandia National Laboratories (SNL), Albuquerque, NM, and Livermore, CA (United States)
- Sponsoring Organization:
- USDOE
- DOE Contract Number:
- AC04-94AL85000
- OSTI ID:
- 950898
- Report Number(s):
- SAND2005-1206C; TRN: US200911%%123
- Resource Relation:
- Conference: Proposed for presentation at the USENIX '05 FREENIX Track held April 10-15, 2005 in Anaheim, CA.
- Country of Publication:
- United States
- Language:
- English
Similar Records
Situational Awareness of Network System Roles (SANSR)
Situational Awareness of Network System Roles (SANSR)