authentication Archives -

Swinedroid, Snort Monitoring tool, available on the Android Market

QR Code to Download Swinedroid ClientSwinedroid v0.20 has been released is now available on the Android Market. If you haven’t read my previous post about it, here’s the low down. Swinedroid is a remote Snort monitoring application for Android. Currently, it allows you to view server threat statistics, display the latest alerts, search alerts (by alert severity, signature name, time frame) and view alert details (including a hex dump if available). It consists of two components: the client – which runs on your Android device, and the server – which runs on the system you wish to monitor (or a third party server that can access the snort server db port). The server provides statistics requested by the client over a secure and authenticated SSL link.

Since the last (non-market) release, I’ve introduced a server threat graph (thaks to AChartEngine), alert detail breakdown, SSL authenticity negotiation, functional alert browsing, a more helpful launcher screen, and crash fixes.

Swinedroid Server OverviewSwinedroid Alert Overview

Having an Android Snort monitoring application can prove handy for a variety of situations where access to web-based clients is either unavailable or inconvenient. Since this is a monitoring tool that runs natively in Android, it will also be possible to recieve notifications based on alert statistics – a feature I plan to implement at some stage. Also upcoming is alert tagging and deleting functionality, more advanced alert statistics, attacker profiling (including reverse DNS / location information), and more. If you have suggestions, please post your feedback.

Download the client app here.

Download the server here.


The Problem:

Wikipedia is a great resource. In fact, it’s such a great resource that it’s the de-facto source of information for – well – most things that you want to know about. And it’s so all encompassing, it’s so expansive and extensive that you can find just about anything on it, from the frighteningly large rodent “capubera” to what exactly a “femme fatal” is to the intricate workings of the Rijndael encryption standard. Just a few years ago, you couldn’t find all this information all in one place. After all, as a domain was only registered in January, 2001. A decade ago, you’d have to rely on the old textbooks, the infomercials that try to sell you the words of old white guys, to get even close to compiling the information that is accessible within a few keystrokes today. And the beautiful thing about it is that it’s all community driven. It’s not just a few old white guys anymore, it’s people from all across the globe collaborating on a masterpiece of information and accessibility. It’s an amorphous entity that is always growing, always changing and constantly reshaping itself. It’s the closest thing we have to the real live Hitchhikers Guide to the Galaxy. Its democratic nature is great, but its unaccountable nature is where the whole thing gets tricky.

And thats the real problem. People add stuff they’re not supposed to. Stupid stuff, silly stuff, misconceptions, innaccurasies, rumors and downright lies. The entries get cluttered with things they’re not supposed to. I can’t claim I’m not guilty of it. I’ve edited wikipedia entries in the past for kicks *cough*electromagneticpulse*cough*- but this just underlines the whole structural problem. Stephen Colbert, a personal hero of mine, causes havoc on wikipedia in a single 10-minute segment by urging watchers to edit the “elephant” entry. The result is entry locks, warnings of bias, needed citations, and a general site-wide loss of credibility. People don’t trust wikipedia the way they trust the good ol’ fashioned ink and paper. It’s enough to cause nostalgia, a longing for the halcyon days when information was sparse, but at least it had some bite behind its bark. Whats an honest obscure-information-seeker to do? Where can we turn?

There is one solution, always turned to in times of despair. “Check your sources!” It’s the time-cherished response of every undergrad college professor you’ve ever had. “Wikipedia may not be cited, not now, not ever!” they cry out in unison. If I didn’t know any better, I’d say it was an affront on our information-sharing culture. A way to make the information they possess seem a precious commodity in light of the rubbish of our wikimedia commons. After all, are they not the arbiters of accuracy? Still, what they say does make sense: you have no way of distinguishing the trash from the treasure for any given entry. Someone may have edited it to add one of the aforementioned innaccuracies just 10 minutes ago. Hell, you may have edited it, just to get in the few extra footnotes you’ve been looking for and to get a chuckle out of quoting Cleopatra saying “I know kung-fu.” So there has to be some greater source of authority to reference to when trying to speak authoritatively yourself. You can’t just reference any odd article you like, and expect it to be listened to like the wisdom of the ancients.

The Solution:

“But I’m so lazy!” you complain. “I don’t want to spider across twenty different newspapers, essays and electronic journals just to quote something I already know as fact!” At this point a few months ago, I would have said “Well, too bad! Life is hard, suck it up! Get off, er, on your lethargic ass, do some fancy google voodoo, and find that australian PM quote you were looking for!” But in all honesty, the complaints do make sense. The information is out there, in all its cross-hyper-linked glory, but in order to get to it you have to spend inordinate amounts of time looking for it from credible sources. Oh, pity me, I wish that wikipedia had both the credibility I’m looking for and the vast resources it already has! If only there were a way to combine the best of both worlds!

But then I had this crazy idea. What if, instead of wikipedia referring to sources of higher authority, wikipedia brought those sources of higher authority to itself? What if wikipedia set off a corner of itself, however small it may initially be, and said “we swear by the hair on our chinny-chin-chin, that this information is verifiably true.” Let’s call it Now how would they verify the quality of content on this subdomain? Fact-checkers. That’s right- every major newspaper has them. They go around, looking at the articles about to go to print, and, well, check their facts. To make sure the quality of the article that is about to go on the newsstands lives up to the time-honored tradition of the Sun Times Press Journal Herald. And somehow magically this works. So bring fact checkers to wikipedia. Make them paid staff-people on the largest source of information of all time.

Sure, there are some logistical problems. For instance, wikipedia coming up with crazy schemes to make make ends meet as it is, but no one claimed this would be easy. One possibility is getting folks over at the Science Commons on board. That organization is certainly starting to address some of the problems of reliability and access to information. Another avenue is actually getting the universities themselves to fund such a project, and improve their public image besides. With enough of a starting nudge, we could even get professors and voices of authority to volunteer, and offer their words of wisdom. Wikipedia could become a platform for the collaboration of experts in various fields, pooling their knowledge into a central, open network.

The great thing about this is that there is really nothing to lose. If it doesn’t catch on, then oh well, we tried. No harm done. But if this does catch on, it could be something really interesting. As the saying goes, the sky is the limit.