April 1st 2009 – USDN conducted an experiment on April 1st 2009 to gather data on human behavioral patterns when unknown stimuli (social engineering) are combined with a known event (April Fools' Day) and the effects they have on the perceived validity of virtually presented information (a website seizure notice, or an email of the same notice with a link to the website). The experiment included various types of social engineering techniques and a hoax webpage, which was published on the official website of USDN (www.usdn.net). All behavioral pattern statistics were recorded and stored in a database for later analysis. The statistics were separated into two groups of participants: those who received direct outside stimuli from USDN in the form of a communication by voice, instant message or email, and a control group that received no communication directly from USDN before visiting the website. Even those participants who thought they were being informed of the true nature of the hoax webpage, which was to execute a practical joke for April Fools' Day, were in fact part of the experiment. Absolutely no one was left out of the behavioral data collection except for the three partners (and our attorney, of course) of USDN. (Sorry guys & gals, you were part of the pattern analysis as well as those that were in the uninformed non-stimuli group.) The purpose of the analysis of the collected behavioral data will be to see if the existence of perceived foreknowledge had an effect on the plausibility of the presented information and the steps taken to validate it. We believe this research will be useful in developing countermeasures, training, and technical controls to aid in the prevention of known identity theft techniques (phishing, social engineering, site hijacking, etc.). A whitepaper will be released after the data is analyzed, but we wanted to disclose what data was collected immediately.
The data that was collected included:
- Hit (internet) - A request for a file from the web server. Available only in log analysis. The number of hits received by a website is frequently cited to assert its popularity, but this number is extremely misleading and dramatically over-estimates popularity. A single web page typically consists of multiple (often dozens of) discrete files, each of which is counted as a hit as the page is downloaded, so the number of hits is really an arbitrary number more reflective of the complexity of individual pages on the website than the website's actual popularity. The total number of visitors or page views provides a more realistic and accurate assessment of popularity.
- Page view - A request for a file whose type is defined as a page in log analysis. An occurrence of the script being run in page tagging. In log analysis, a single page view may generate multiple hits as all the resources required to view the page (images, .js and .css files) are also requested from the web server.
- Visit / Session - A series of requests from the same uniquely identified client with a set timeout, often 30 minutes. A visit contains one or more page views.
- First Visit / First Session - A visit from a visitor who has not made any previous visits.
- Visitor / Unique Visitor / Unique User - The uniquely identified client generating requests on the web server (log analysis) or viewing pages (page tagging) within a defined time period (i.e. day, week or month). A Unique Visitor counts once within the timescale. A visitor can make multiple visits. Identification is made to the visitor's computer, not the person, usually via cookie and/or IP+User Agent. Thus the same person visiting from two different computers will count as two Unique Visitors.
- Repeat Visitor - A visitor that has made at least one previous visit. The period between the last and current visit is called visitor recency and is measured in days.
- New Visitor - A visitor that has not made any previous visits. This definition creates a certain amount of confusion (see common confusions below), and is sometimes substituted with analysis of first visits.
- Impression - An impression is each time an advertisement loads on a user's screen. Anytime you see a banner, that is an impression.
- Singletons - The number of visits where only a single page is viewed. While not a useful metric in and of itself, the number of singletons is indicative of various forms of click fraud, as well as being used to calculate bounce rate and in some cases to identify automatons (bots).
- Bounce Rate - The percentage of visits where the visitor enters and exits at the same page without visiting any other pages on the site in between.
- % Exit - The percentage of users who exit from a page.
- Visibility time - The time a single page (or a blog, Ad Banner...) is viewed.
- Session Duration - Average amount of time that visitors spend on the site each time they visit. This metric can be complicated by the fact that analytics programs cannot measure the length of the final page view.
- Page View Duration / Time on Page - Average amount of time that visitors spend on each page of the site. As with Session Duration, this metric is complicated by the fact that analytics programs cannot measure the length of the final page view.
- Page Depth / Page Views per Session - Page Depth is the average number of page views a visitor consumes before ending their session. It is calculated by dividing total number of page views by total number of sessions and is also called Page Views per Session or PV/Session.
- Frequency / Session per Unique - Frequency measures how often visitors come to a website. It is calculated by dividing the total number of sessions (or visits) by the total number of unique visitors. Sometimes it is used to measure the loyalty of your audience.
- Click path - The sequence of hyperlinks one or more website visitors follow on a given site.
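How several of the metrics defined above fall out of a plain web server access log, as an added example that is not USDN's code or data: the log lines are constructed, and it assumes the Apache combined log format, treats paths ending in `/` or `.html` as pages, and identifies visitors by IP plus User-Agent as in the Unique Visitor definition.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample (Apache combined log format, documentation IP ranges).
SAMPLE_LOG = """\
192.0.2.10 - - [01/Apr/2009:09:00:00 -0700] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (A)"
192.0.2.10 - - [01/Apr/2009:09:00:01 -0700] "GET /style.css HTTP/1.1" 200 900 "-" "Mozilla/5.0 (A)"
192.0.2.10 - - [01/Apr/2009:09:00:01 -0700] "GET /logo.png HTTP/1.1" 200 3000 "-" "Mozilla/5.0 (A)"
192.0.2.10 - - [01/Apr/2009:09:05:00 -0700] "GET /about.html HTTP/1.1" 200 2048 "-" "Mozilla/5.0 (A)"
192.0.2.10 - - [01/Apr/2009:10:00:00 -0700] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (A)"
198.51.100.7 - - [01/Apr/2009:09:10:00 -0700] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (B)"
198.51.100.7 - - [01/Apr/2009:09:10:01 -0700] "GET /style.css HTTP/1.1" 200 900 "-" "Mozilla/5.0 (B)"
192.0.2.10 - - [01/Apr/2009:09:20:00 -0700] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (C)"
192.0.2.10 - - [01/Apr/2009:09:21:00 -0700] "GET /contact.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0 (C)"
"""

LINE = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+) [^"]*" \d{3} \S+ "[^"]*" "([^"]*)"')
TIMEOUT = timedelta(minutes=30)      # session timeout from the Visit definition
PAGE_SUFFIXES = ("/", ".html")       # assumption: file types that count as a page

def analyze(log_text):
    by_visitor = defaultdict(list)   # (IP, User-Agent) -> [(time, path)]
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue                 # skip malformed lines rather than miscount
        ip, ts, path, ua = m.groups()
        when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
        by_visitor[(ip, ua)].append((when, path.split("?")[0]))
    visits = []                      # number of page views in each visit
    for requests in by_visitor.values():
        last = None
        for when, path in sorted(requests):
            if last is None or when - last > TIMEOUT:
                visits.append(0)     # a gap over the timeout starts a new visit
            visits[-1] += path.endswith(PAGE_SUFFIXES)
            last = when
    hits = sum(len(r) for r in by_visitor.values())   # every file request is a hit
    page_views, singletons = sum(visits), visits.count(1)
    n, u = len(visits) or 1, len(by_visitor) or 1     # avoid dividing by zero
    return {"hits": hits, "page_views": page_views, "visits": len(visits),
            "unique_visitors": len(by_visitor), "singletons": singletons,
            "bounce_rate_pct": 100 * singletons / n,
            "page_depth": page_views / n, "frequency": len(visits) / u}

if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```

On the sample, nine hits collapse to six page views and four visits, and the two clients behind the same IP address count as separate unique visitors because their User-Agent strings differ.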
This data was collected on EVERYONE who visited the website located at www.usdn.net or the alias of usdn.net between the hours of 00:01 and 23:59 Pacific Time on April 1st, 2009. Absolutely no personally identifiable information was collected in this process; therefore, no usage information will be deleted from the research database under any circumstances. This even includes the couple of people who think getting demanding with us (yelling hurts everyone, you know) or threatening us with legal action (like we haven’t been through that before) will result in the collected data getting deleted just because THEY were not informed in advance that WE were going to conduct such data collection. The falsified webpage has been archived here (and yes, it still conducts web analytics).