DAVIX is a Live CD based on Slackware for the purposes of computer security operations. The distribution focuses on data analysis and visualization. DAVIX stands for Data Analysis and VIsualization Linux. It is the first Live CD to integrate so many visualization tools. The long-term goal for the distribution is to provide a good set of tools supporting the complete process of visual data analysis. Jan Monsch began work on the CD in December 2007. After discussions with Raffael Marty in January 2008, Jan agreed to produce the CD for "Applied Security Visualization" based on a list of utilities Raffael had discussed in the book. Features DAVIX contains a collection of more than 25 free tools for data processing and visualization. Some examples of the tools are: * Data Capture - tcpdump, PADS, p0f, , Wireshark * Data Processing - Chaosreader, GeoIP, tcpreplay * Data Visualization - AfterGlow, Cytoscape, Graphviz, MRTG, R Project, TimeSearcher, TNV The DAVIX CD ships with a 15 chapter manual which covers DAVIX use and customization with examples and screenshots. Additionally, most utilities on the system have documentation pages. The DAVIX CD is based on Slax. Security visualization Computer information security visualization is a form of . In enterprise environments, computer security information can be generated in very large volumes, which can become very difficult to analyze without a visual context. Using DAVIX, a security engineer can visually spot anomalies in network traffic such as changes in IP sources/destinations, network protocols, application protocols, traffic patterns, frequency, and volume. Current State DAVIX was released at Black Hat Briefings/DEF CON in August 2008.
|