
Published on November 25th, 2015 | by NJ Ouchn

RITA – Real Intelligence Threat Analysis

Released by SANS, the RITA toolkit is intended to help with the often overwhelming task of combing through piles of log
data looking for the following suspicious behaviors:
  • Beaconing: Connections that happen frequently and at similar intervals could be an indicator of malware calling home
  • Blacklisted IPs: Blacklisted IPs are addresses reported as being involved with malware, spamming, and other dangerous activities
  • Scanning: These events occur when a computer attempts to connect to a large number of ports on a system, searching for vulnerabilities
  • Long Durations: Connections that last longer than the average on a network could indicate a compromised system
  • Long URLs: Longer than normal URLs could potentially be used to transfer malicious data into the system
  • Concurrent Logins: A user being logged into a high number of systems could indicate that this user’s account or original system has been compromised
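
The beaconing check from the list above, as an added example (not RITA's own code or algorithm): it groups connection records by source/destination pair and scores how regular the intervals between connections are. The record layout, thresholds, function names and sample data are assumptions constructed for illustration.

```python
from collections import defaultdict
from statistics import median

def sample_connections():
    """Constructed sample records: (epoch seconds, source IP, destination IP)."""
    conns = []
    # Roughly every 60 s with a few seconds of jitter: beacon-like.
    for i, j in enumerate([0, 2, -1, 1, 0, -2, 1, 0, 2, -1, 0, 1]):
        conns.append((1000 + 60 * i + j, "10.0.0.5", "203.0.113.10"))
    # Irregular bursts and pauses: looks like interactive use.
    for t in [1000, 1004, 1010, 1190, 1200, 1630, 1633, 1900, 2400, 2410, 2950, 3000]:
        conns.append((t, "10.0.0.7", "198.51.100.20"))
    # Regular, but too few connections to judge.
    for t in [1000, 1060, 1120]:
        conns.append((t, "10.0.0.9", "192.0.2.30"))
    return conns

def beacon_score(timestamps):
    """Score 0..1 for interval regularity; 1 means perfectly even spacing."""
    ts = sorted(timestamps)
    deltas = [b - a for a, b in zip(ts, ts[1:])]
    med = median(deltas)
    if med <= 0:
        return 0.0
    # Median absolute deviation tolerates a few missed or delayed check-ins.
    mad = median([abs(d - med) for d in deltas])
    return max(0.0, 1.0 - mad / med)

def find_beacons(conns, min_conns=10, threshold=0.9):
    """Return {(src, dst): score} for pairs with frequent, evenly spaced connections."""
    by_pair = defaultdict(list)
    for ts, src, dst in conns:
        by_pair[(src, dst)].append(ts)
    hits = {}
    for pair, ts in by_pair.items():
        if len(ts) < min_conns:  # "frequently": skip pairs with little traffic
            continue
        score = beacon_score(ts)
        if score >= threshold:  # "similar intervals": low jitter around the median
            hits[pair] = round(score, 3)
    return hits

if __name__ == "__main__":
    for (src, dst), score in find_beacons(sample_connections()).items():
        print(f"{src} -> {dst} beacon score {score}")
```

A high score is only a lead for review: scheduled update checks and time synchronisation produce the same pattern, so hits still need to be compared against known-good destinations.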
