This page shows a recording of a POC demo that I recently did. This effort was an open source implementation of a Real-time Internetwork Defense (RID) Agent for peer-to-peer cyber intelligence information sharing. Essentially, a colleague and I did a partial implementation of RFC 5070, RFC 6545, and RFC 6546. The source code for this project is available on GitHub.
I’ll openly admit that it’s a User Interface design That Only An Engineer Could Love (tm), but we weren’t really focused on the UI. We were interested in the protocol specifications and the message formats, which we followed faithfully. In the end, we were able to successfully interoperate with a number of other groups. I filed a few RFC errata in the process and, given what I learned along the way, I also wound up writing an Internet-Draft of my own.
One of these days, I’ll actually dedicate a full blog post to the thinking that went into the ROLIE draft. For now, you’ll just have to watch the demo 🙂
RID Agent Demo Video v2.1