Title :
Experience Using Active and Passive Mapping for Network Situational Awareness
Author :
Webster, Seth ; Lippmann, Richard ; Zissman, Marc
Author_Institution :
Lincoln Lab., MIT, Lexington, MA
Abstract :
Passive network mapping has often been proposed as an approach to maintain up-to-date information on networks between active scans. This paper presents a comparison of active and passive mapping on an operational network. On this network, active and passive tools found largely disjoint sets of services and the passive system took weeks to discover the last 15% of active services. Active and passive mapping tools provided different, not complimentary information. Deploying passive mapping on an enterprise network does not reduce the need for timely active scans due to non-overlapping coverage and potentially long discovery times
Keywords :
computer networks; security of data; telecommunication security; active network mapping; network situational awareness; passive network mapping; Computer crashes; Information security; Laboratories; Open source software; Operating systems; Passive networks; Peer to peer computing; Probes; Protection; Telecommunication traffic;
Conference_Titel :
Network Computing and Applications, 2006. NCA 2006. Fifth IEEE International Symposium on
Conference_Location :
Cambridge, MA
Print_ISBN :
0-7695-2640-3
DOI :
10.1109/NCA.2006.23
