Random stuff

I’m hyped! The much-anticipated Maltego version 2.0 is out. I had previously alluded to maltego here. To the 1% of you who haven’t heard of Maltego, it’s a tool for determining relationships between domains, users, email addresses, etc. I can’t think of an Infosec or traditional corporate security group which wouldn’t benefit from this tool. Check out new features here and here.

OK, everyone is probably familiar with the riddle put forth by Samson. e.g. “From the eater came forth food; and from the strong came forth sweet.”. The answer to that riddle was hidden. Who could have guessed the meaning? The strength of the riddle was in the fact that it was based on subjective knowledge that only Samson possessed. Of course, the story ends badly due to philistine subterfuge…but, I digress. I know that the security industry puts forth much effort in solving the riddle of “spam”. Question one, would a person, solving the spam riddle, be best served in keeping the answer to himself? It would seem that any sort of public solution would give the spammer equal opportunity to adjust their attack vector.

I don’t know much about spam. Google (and their gmail app) seem to know a lot about spam :-) . Joe Stewart over at Secureworks knows a lot about spam. He claims that the top botnets can send over 100 billion spams per day. I have a few more ignorant questions:

2) Spam is a nuisance. Can the power of spam be harnessed and used against ones enemies? If spam is the “eater”, how can it be used to ones advantage?

3) The sending of spam seems highly automated. Can the power of spam be turned inward? Like a child scooping cuploads of black ants on a red ant mount, is there a way of causing a “war” between spambots? Would such a war benefit anyone?

!Dmitry

Share
  • http://anti-virus-rants.blogspot.com kurt wismer

    hmmm, interesting idea – harnessing the power of spam…

    how about we use spam in captchas? if you can identify the non-spam email then you pass the test… for each advancement the bad guys make to better identify the spams, we add those advancements to our own spam filters and stop using those detected spams in the captchas…

  • dmitryc

    :-) Spammer, heal thyself! That’s great.

  • Jason

    Seems Maltego 2.0 is not free as the 1.0 versions were.

    [quote]
    Cost: $430 USD for first year, $320 USD per year thereafter.
    [/quote]

    and
    [quote]
    # The un-registered client allows you to view, search and print [graphs made by other people].
    # In order to make your own graphs you need to obtain a license key. The application features integrated registration but you can also get your keys [here].
    [/quote]

  • dmitryc

    $430 is a small price, imo. At one corporation that I worked for, the corporate security team had a dedicated resource (one FTE) that did this sort of work. A tool like this saves them tons of time at a fraction of a years salary.

    If you’re a consultant doing this sort of work for a customer, the tool pays for itself after 2 hours :-)

    If you work for many large corps, you’ll know that a supported, commercial, closed-source tool is easier to get past the new technology committee than a typical open-source, free app ;)

    I should end with “I don’t receive any compensation from paterva in any way” ;)

  • Jason

    @dmitryc

    $430 is an incredibly small price to pay for a corporation, but a bit too steep for me to pay just to find out what happened to my old high school buddies.

    I believe Maltego is one of the most exciting tools I’ve seen in a long time and I wish I could continue to play with it and see what connections I can uncover. I’d rather not pay so much for something I don’t really need for work and just for the occasional fun.

  • dmitryc

    It’s my understanding that the last beta version still works and that the free servers are still operational. It’s what I’m using until I can expense off my copy :-)