The world has become a pretty crazy place in the last few years.

I was reading this Networkworld.com article: “China denies cyberattacks on the U.S. power grid”, and it reminded me of my childhood.

Remember when we were kids and we got caught doing something we weren’t supposed to? My favorite rebuttal was “It wasn’t me” and “Nope, I didn’t do it”.

I remember one time when me and my no-good friends decided to pull a prank on my neighbor. We thought they would appreciate 10 pizzas delivered to them COD. My buddy called and made the order and we sat back and laughed because we were just so smart. I don’t know how they caught us but they did, and I got the blame because the call came from my house even though, “It wasn’t me”. I didn’t end up paying for pizzas, but I did pay.

I thought to myself, “What if Chinese IP addresses are being used to conceal the true identity of the attacker?” Network World has another really interesting article explaining “10 ways the Chinese Internet is different from yours”.

That sure is a lot of control over Internet traffic for the Chinese government to have and still not know about, or be involved with, these attacks, but it’s possible that it doesn’t know or isn’t involved. On the flip side, I’m pretty sure that the U.S. government knows a lot more than it’s saying.

Scrutinizer with Flow Analytics has several tools to show you exactly where attacks are coming from.

The Internet Threats algorithm analyzes your network traffic for communications with known threats on the Internet. We also have other algorithms that will inform you of threats regardless of whether they are known or not.
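One way a known-threat check over flow records can work, as an added example that is not Scrutinizer's own code or algorithm: it matches each flow against a threat list in both directions and flags scan-like fan-out from a listed host. The threat list, flow records, field layout, and the names `KNOWN_THREATS`, `FLOWS`, `is_threat` and `threat_report` are all constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed threat list (documentation address ranges, not real indicators).
KNOWN_THREATS = [ipaddress.ip_network(n)
                 for n in ("203.0.113.0/24", "198.51.100.7/32")]

# Constructed flow records: (src, dst, dst_port, bytes).
FLOWS = [
    ("203.0.113.9", "10.0.0.5", 22, 60),
    ("203.0.113.9", "10.0.0.5", 23, 60),
    ("203.0.113.9", "10.0.0.5", 80, 60),
    ("203.0.113.9", "10.0.0.6", 445, 60),
    ("10.0.0.8", "198.51.100.7", 443, 48211),
    ("10.0.0.9", "192.0.2.10", 443, 9120),   # peer is not on the list
]

def is_threat(addr):
    """True if addr falls inside any listed network."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in KNOWN_THREATS)

def threat_report(flows, scan_threshold=3):
    """Group flows by the listed host they touch and flag scan-like fan-out."""
    hits = defaultdict(lambda: {"inbound": set(), "outbound": set(), "bytes": 0})
    for src, dst, port, nbytes in flows:
        if is_threat(src):   # a listed host contacted an internal host
            hits[src]["inbound"].add((dst, port))
            hits[src]["bytes"] += nbytes
        if is_threat(dst):   # an internal host contacted a listed host
            hits[dst]["outbound"].add((src, port))
            hits[dst]["bytes"] += nbytes
    report = {}
    for host, h in hits.items():
        targets = h["inbound"] | h["outbound"]
        report[host] = {
            "internal_peers": sorted({peer for peer, _ in targets}),
            # Many distinct (host, port) targets from one listed source
            # is the pattern a port or host scan leaves in flow data.
            "scan_like": len(h["inbound"]) >= scan_threshold,
            "bytes": h["bytes"],
        }
    return report

if __name__ == "__main__":
    for host, info in threat_report(FLOWS).items():
        print(host, info)
```

A match only identifies the address the traffic came from; as the post asks above, that address may be concealing the true identity of the attacker.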


When Flow Analytics tells me I have a problem, I just click on the name of the algorithm to check out who’s causing trouble.


Upon investigation, I see a cute little scan.

OK, now where are you from?


Ah… China. I love Cantonese Chinese food.

Reporting Suspicious Behavior

Regardless of whether it’s the Chinese government, a script kiddie, or one of their friends making the call, it’s coming from their house, and they’re going to end up paying for the 10 pizzas.


Steve

Stephen joined Plixer in 2011. Steve’s efforts over the years have helped many customers gain better visibility and network analytics. With more than 5 years of successful technology consultation, Steve has become a thought leader, focusing on how Scrutinizer can be part of a system incorporating other solutions such as Gigamon, Statseeker, Uptime, InfoBlox and Splunk. He is a firm believer that most organizations will have a larger SDN implementation and make greater use of the Cloud in the next few years. Steve resides in Scarborough, ME with his wife and two sons.
