[189989] in North American Network Operators' Group
Re: Detecting Attacks
daemon@ATHENA.MIT.EDU (Pavel Odintsov)
Sun Jun 12 14:41:46 2016
In-Reply-To: <CAD=4tqQ4NLX3Adu_ZppJ_9di6YM=5SxYkCeVuXqo70epYeHG3w@mail.gmail.com>
From: Pavel Odintsov <pavel.odintsov@gmail.com>
Date: Sun, 12 Jun 2016 21:41:43 +0300
To: subashini hariharan <suba.h17@gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Hello!

You could try my open source project:
https://github.com/pavel-odintsov/fastnetmon

It's pretty popular and used by a very big number of really big networks.

We have an option for capturing a "pcap" dump for each attack for detailed
investigation.

On Sat, Jun 11, 2016 at 8:22 AM, subashini hariharan <suba.h17@gmail.com> wrote:
> Hello,
>
> I am Subashini, a graduate student. I am interested in doing my project in
> Network Security. I have a doubt related to it.
>
> The aim is to detect DoS/DDoS attacks using the application. I am going to
> use ELK (ElasticSearch, Logstash, Kibana) for processing the logs (Log
> Analytics).
>
> My doubt is regarding how do we generate logs for detecting this attack? As
> I am new to this process, I am not sure about it.
>
> Also, if it is possible to do any other attacks similar to this, you can
> please give a hint about it.
>
> Could anyone please help with this, it would be a great help!!
>
>
> --
> Thank You.
>
> With Regards,
> H.Subashini
--
Sincerely yours, Pavel Odintsov