Rsignia and CyberScope Cyber Weapon Overview

I know that I have posted a couple times about Rsignia’s product, but the more I learn about it, the more impressed I become.

Rsignia was at the recent FOSE conference in DC. When asked about their product by Fed Tech BISNOW, their response was, “We attack them first, depending on the threat, we’ll slap them on the wrist or kick off everyone who is on their IP address.” You’ve gotta love that attitude!

I went through several white papers that I received from the show. In them, I found some great information on the equipment and wanted to share it. The following is from their white papers:

Introduction:

Rsignia, Inc. is a leading provider of cyber security solutions and services including detection, mitigation, countermeasures and forensics. In support of National Cyber Security Initiatives, Rsignia is developing some of the most innovative next-generation cyber offensive non-kinetic and kinetic capabilities available to the marketplace today. Embracing the new cyber warfare paradigm, Rsignia’s long-standing relationships with United States Government agencies, and growing commercial base has positioned the company at the forefront of the rapidly growing Cyber market.

The elements of cyber warfare, whether they be defensive, offensive or of an intelligence-gathering nature, are deeply entwined. They require the ability to sift through massive amounts of data at incredibly fast line rates, conduct real-time search and analysis, and conduct mitigation and/or retaliatory responses. Additionally, the ability to conduct proactive network operations requires the ability to do all of the above in stealth mode. Rsignia has spent years developing a suite of hardware and software capabilities in support of this effort. As a small company, we are constantly in search of the niche that allows us to be relevant to the large integrators and government customers.

Products:

Our CyWarfius® product line is a unique family of secure, locked down, stealth or inline monitoring appliances. The bench top packet generator is the first cost effective packet capture and replay sensor with the ability to generate packets utilizing Candid, Live, Wireshark, and more. The Joint Forces Sensor is a robust intrusion detection system providing forensic analysis of live traffic. Finally, the CyberScope™ is capable of cyber offensive engagements. The CyWarfius platform provides intrusion prevention system blocking, ability to modify packet length, source, content, identifies IP data, the ability to insert custom code and supports PoS.

CyberScope Features:

  • 100% capture rate with high speed DAG cards
  • Supports Layer 7 event detection
  • Detects string matching dictionary attacks
  • Captures and defeats source spoofing
  • Rapid deployment and reconfiguration
  • Uses COTS components to decrease cost of ownership

Data Capture and Analysis:

  • Can operate in line for invisible operation w/o MAC address
  • Full data capture and analysis up to 40Gb per second
  • Date and time stamps incoming packets
  • Deep content inspection
  • Looks deep into Internet Backbone traffic

Counterattack:

  • Conducts surgical offensive strikes
  • Ability to strike from 1 to 1 million specific targets
  • Flow termination, jamming, Botnet capture, disinformation and more
  • Acquires target in milliseconds
  • Can act with other units to form concentrated counterattacks
  • Information gathered can be used in a military kinetic attack
  • Can be used in Mesh grid to detect person(s) of interest

I have to admit, this is one of the most impressive pieces of hardware that I have seen to date. It has the ability to sense attacks at several different levels, and automatically counterattack. Unfortunately, this equipment is not available for public use; it is only for Government and DOD. So if you are in the government and looking for this capability, definitely check Rsignia out.

Finally, if you were wondering, yes, this equipment is in the field now. And, yes, Rsignia’s equipment is used in the “Einstein” project. Bad guys beware!

Opensource IDS: SNORT Report

I found this today and it is pretty good. It is a series of articles on the Snort Intrusion Detection System. The articles are written by Richard Bejtlich, the founder of TaoSecurity, BlackHat presenter, and the Director of Incident Response at GE. Topics cover installation, manipulation and data output.

Check out the Snort Report.