Penetration Testing mailing list archives
Fwd: Fw: best tool to draw attack trees ??
From: Matthew Franz <mfranz () cisco com>
Date: Fri, 22 Mar 2002 17:59:18 -0600
Syntex, a latex preprocessor was the only thing I found to even be marginally useful. There are some commercial win32 based GUI risk analysis tools that were even less useful. See: http://www.theory.org/~matt/syntex/ http://freshmeat.net/projects/syntex/ -mdf
----- Original Message ----- From: "Kruse, Darren (DEH)" <Kruse.Darren2 () saugov sa gov au> To: <pen-test () securityfocus com> Sent: Thursday, March 21, 2002 7:00 PM Subject: best tool to draw attack trees ??I'm puzzling over what is the best way to draw attack trees. Attack trees provide a formal, methodical way of describing the securityofsystems, based on varying attacks. Basically, you represent attacksagainsta system in a tree structure, with the goal as the root node and different ways of achieving that goal as leaf nodes. Bruce Schnier's Secrets and Lies - Digital Security in a Networked Worldhttp://www.amazon.com/exec/obidos/ASIN/0471253111/qid=1016671800/sr=8-1/ref=sr_8_67_1/002-8209990-0206427 , in particular chapter 21 covers AttackTreesThere's also a DDJ article on attack trees http://www.ddj.com/documents/s=896/ddj9912a/9912a.htm (also by Bruce Schnier) that covers virtually the same ground as the book. I'm thinking that it would make a really good motivational tool for management to see what all the threats are against our systems. Having a documented attack tree would also help me in identifying whatholes,and threats I need to worry about RIGHT NOW ! My first thought was to wade in, and start drawing with Visio - making use of the layers feature to distinguish between different sets of values.. Possible / Impossible Cost script kiddie tool released ? etc.. But does anyone know of a more "closely-suited" tool than Visio ? I'vedonea google search on "attack tree" software, and come up blank. There are cheaper alternatives to Visio - maybe Kivio mp http://www.thekompany.com/products/kivio/faq.php3 ?? Unfortunately, theKDEversion (Kivio without the mp suffix) doesn't do layers. :-( Would a web interface be better ? - certainly for navigating between threats, but how about when you want to see a larger part of the tree ? ,orthe whole attack tree ?? Maybe MS Project ? - it's good at showing inter-related tasks , that have dependancies and costs, and can output to HTML as well. How about when I want to add , or share bits of someone else's attack tree?It would be cool to be able to download discrete sub-branches, just likeyoudownload additional Snort IDS signatures. Darren Kruse CCNP CCDP WAN/LAN Networking Consultant Mobile : (+61) 0407 446 399 mailto://darren_kruse () hotmail com http://www.geocities.com/darren_kruse ----------------------------------------------------------------------------This list is provided by the SecurityFocus Security Intelligence Alert(SIA)Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities pleasesee:https://alerts.securityfocus.com/
----- End forwarded message ----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- best tool to draw attack trees ?? Kruse, Darren (DEH) (Mar 22)
- Re: best tool to draw attack trees ?? Bill Pennington (Mar 22)
- RE: best tool to draw attack trees ?? Adonis.No.Spam (Mar 22)
- Re: best tool to draw attack trees ?? Dug Song (Mar 23)
- <Possible follow-ups>
- Fwd: Fw: best tool to draw attack trees ?? Matthew Franz (Mar 22)
- Re: best tool to draw attack trees ?? lit sec (Mar 23)
- Re: best tool to draw attack trees ?? Mark Curphey (Mar 24)
- RE: best tool to draw attack trees ?? Mike . Ruscher (Mar 25)