Netflix releases home-grown DDoS detectors

Planning on haxing Netflix? Don't plan it on Facebook

Website security in corporate America

NetFlix's security team has given the open source treatment to three tools it uses to monitor the internet and gather evidence of planned attacks against its infrastructure.

"Scumblr" and "Sketchy", plus the "Workflowable" tool both rely on, are now on GitHub for any security teams to use.

Scumblr sifts through forums and social media networks in search of discussions of possible hacks or denial of service attacks against an organisation using keywords predefined by an administrator. Sketch takes screenshots and scrapes text from sites.

"Scumblr and Sketchy are helping the Netflix security team keep an eye on potential threats to our environment every day," the pair wrote.

Scumblr includes a set of built-in libraries that allow creating searches for common sites like Google, Facebook, and Twitter. For other sites, it is easy to create plugins to perform targeted searches and return results.

"Once you have Scumblr setup, you can run the searches manually or automatically on a recurring basis."


On paper, the Ruby on Rails Scumblr appears to closely resemble existing open source intelligence tools such as Maltego in that it uses plugins to find and pull together information scattered across the internet.

It also uses Netflix's tidy little triage app "Workflowable", which marks incoming intelligence with labels such as part of a current, possible or concluded investigation.

Admins need not visit any of the websites flagged as possible sources for attacks; Sketchy snapshots those sites to avoid possible compromise should they prove to be malicious.

Other apps did the job but fell over when sites became too content-rich, used SSL, or were saturated with AJAX, Netflix security bods Andy Hoernecke and Scott Behrens wrote.

The tools, which can be downloaded here, here, and here, come with seven libraries ready to peruse services including Facebook, Twitter, and Google.

Netflix is releasing its wares to give back to the open source community under its Open Source Software Initiative which kicked off in 2010

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
'Kim Kardashian snaps naked selfies with a BLACKBERRY'. *Twitterati gasps*
More alleged private, nude celeb pics appear online
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Freenode IRC users told to change passwords after securo-breach
Miscreants probably got in, you guys know the drill by now
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
BitTorrent's peer-to-peer chat app Bleep goes live as public alpha
A good day for privacy as invisble.im also reveals its approach to untraceable chats
prev story


Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.