CIRCL explores new engineering solutions to improve CSIRT operations and to predict and better react on future threats.
Our ongoing projects:
BGP ranking is a free software to calculate the security ranking of Internet Service Providers. The system is gathering external datasources (e.g. dshield, shadowserver, Arbor ATLAS) to evaluate the ranking over time.
The purpose is to detect malicious activities of a specific AS number fast and to validate data sources used for security.
More details in the latest presentation given at TF-CSIRT Meeting 32.
Source code and documention are available at: https://github.com/CIRCL/bgp-ranking
The public interface of BGP Ranking is available at: http://bgpranking.circl.lu/
traceroute-circl is an extended traceroute to support the activities of CSIRT operators.
CSIRT teams often have to handle incidents based on IP addresses received, this is where traceroute-circl tries to improve the tedious task of abuse determination and collection.
Source code and documention are available at: https://github.com/CIRCL/traceroute-circl