Wednesday, March 07, 2007

More on Tagging

You may remember my previous post about IP tagging, in which I described my idea for a Web 2.0-ish tagging system for NSM analysts. Well, geek00L pointed out that I'm not the first person to think of this idea. It seems that a couple of bright guys at Georgia Tech had the idea last year, and implemented it in the form of a tool called FlowTag. I recommend their paper for some real-world examples of how a tagging system can enhance analyst productivity.

1 comment:

Chris said...

Thanks David. Flowtag is a project I'd love to get around to finishing one day. It was one of the first projects I really got excited about and I still use the tool often to analyze attacks.

I'd like to see a suite of tools that are "self-documenting", meaning that as you do your tasks, it helps generate rich lasting documentation.

Please use my domain name: instead of my reverse-dns name r82h147.