Hi -
psad-2.0.8 has been released:
http://www.cipherdyne.org/psad/download/
This release adds a whole new set of --gnuplot options so that iptables
log data can be visualized with Gnuplot in addition to AfterGlow. I
gave a talk about this at OSCON, and here are the slides in case anyone
is interested (the talk included visualizations of iptables log data
from the Honeynet Scan34 challenge):
http://www.cipherdyne.org/talks/Michael_Rash_OSCON_2007.pdf
Here is a blog post with a couple of the graphs visible:
http://www.cipherdyne.org/blog/2007/07/oscon-2007-talk-slides-iptables-attack-visualization.html
Here is the psad-2.0.8 ChangeLog (many thanks to all who have
contributed):
http://trac.cipherdyne.org/trac/psad/browser/psad/tags/psad-2.0.8/ChangeLog
--
Michael Rash
http://www.cipherdyne.org/
Key fingerprint = 53EA 13EA 472E 3771 894F AC69 95D8 5D6B A742 839F
psad-2.0.8 has been released:
http://www.cipherdyne.org/psad/download/
This release adds a whole new set of --gnuplot options so that iptables
log data can be visualized with Gnuplot in addition to AfterGlow. I
gave a talk about this at OSCON, and here are the slides in case anyone
is interested (the talk included visualizations of iptables log data
from the Honeynet Scan34 challenge):
http://www.cipherdyne.org/talks/Michael_Rash_OSCON_2007.pdf
Here is a blog post with a couple of the graphs visible:
http://www.cipherdyne.org/blog/2007/07/oscon-2007-talk-slides-iptables-attack-visualization.html
Here is the psad-2.0.8 ChangeLog (many thanks to all who have
contributed):
http://trac.cipherdyne.org/trac/psad/browser/psad/tags/psad-2.0.8/ChangeLog
--
Michael Rash
http://www.cipherdyne.org/
Key fingerprint = 53EA 13EA 472E 3771 894F AC69 95D8 5D6B A742 839F