On Sun, May 30, 2010 at 7:28 AM, ratheesh k <ratheesh.ksz@xxxxxxxxx> wrote:
> any application which will analyze logs and give a brief information
> to user about the attacks ?

I've also been wondering about the existence of such tools, but I haven't done any research yet. In particular I'm hoping to explore parallel coordinate plots, which can be used to map out source and dest IPs and ports and show traffic patterns. You could see one IP port-scanning different dest ports, or many different IPs SYN flooding a particular dest host.

http://en.wikipedia.org/wiki/Parallel_coordinates

As a generalization of Ratheesh's question, does anyone have recommendations or personal favorites for iptables log visualizations for an at-a-glance overview of traffic patterns?

Thanks!
--Mike
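
A pre-processing step for the kind of plot described above, as an added example that is not part of the original message: it reduces iptables LOG lines to the four parallel-coordinate axes (SRC, SPT, DST, DPT) and reports where the lines fan out (one source to many destination ports) or fan in (many sources to one destination port). The sample log lines, the helper names and both thresholds are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines in the kernel's iptables LOG target format.
def _line(src, spt, dst, dpt):
    return (f"May 30 07:28:01 fw kernel: IN=eth0 OUT= SRC={src} DST={dst} "
            f"LEN=60 TTL=52 PROTO=TCP SPT={spt} DPT={dpt} WINDOW=5840 SYN URGP=0")

SAMPLE = (
    [_line("198.51.100.7", 40000 + p, "192.0.2.10", p) for p in range(20, 32)]
    + [_line(f"203.0.113.{i}", 50000 + i, "192.0.2.20", 80) for i in range(1, 16)]
    + [_line("198.51.100.9", 33333, "192.0.2.10", 443)]  # ordinary connection
)

FIELD = re.compile(r"\b(SRC|DST|PROTO|SPT|DPT)=(\S+)")
AXES = ("SRC", "SPT", "DST", "DPT")

def parse(line):
    """Return the (SRC, SPT, DST, DPT) polyline for a TCP SYN log line, else None."""
    f = dict(FIELD.findall(line))
    if f.get("PROTO") != "TCP" or not re.search(r"\bSYN\b", line):
        return None
    if not all(axis in f for axis in AXES):
        return None
    return f["SRC"], int(f["SPT"]), f["DST"], int(f["DPT"])

def summarize(lines, scan_ports=10, flood_sources=10):
    """Count distinct values on the axis where polylines spread out.

    scan_ports and flood_sources are assumed thresholds, not recommended values.
    """
    ports_by_pair = defaultdict(set)    # (src, dst) -> distinct dest ports
    srcs_by_target = defaultdict(set)   # (dst, dpt) -> distinct source IPs
    for src, _spt, dst, dpt in filter(None, map(parse, lines)):
        ports_by_pair[(src, dst)].add(dpt)
        srcs_by_target[(dst, dpt)].add(src)
    scans = {k: len(v) for k, v in ports_by_pair.items() if len(v) >= scan_ports}
    floods = {k: len(v) for k, v in srcs_by_target.items() if len(v) >= flood_sources}
    return scans, floods

if __name__ == "__main__":
    scans, floods = summarize(SAMPLE)
    for (src, dst), n in scans.items():
        print(f"fan-out on DPT axis: {src} -> {dst}, {n} distinct ports")
    for (dst, dpt), n in floods.items():
        print(f"fan-in on SRC axis: {n} sources -> {dst}:{dpt}")
```

The tuples returned by `parse` can be fed directly to a plotting library as one polyline per log line.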