My attack detector, based on CAIDA's CflowD.
* Charles Sprickman <spork@inch.com> [011107 19:25]:
Also, what feeds this:
-- Name: attack_db Type: TABLE Owner: neteng
--
CREATE TABLE "attack_db" (
    "attack_type" integer,
    "start_time" timestamp with time zone,
    "end_time" timestamp with time zone,
    "src_router" inet,
    "input_int" integer,
    "output_int" integer,
    "src_as" integer,
    "src_ip" inet,
    "src_port" integer,
    "dst_as" integer,
    "dst_ip" inet,
    "dst_port" integer,
    "protocol" integer,
    "tos" integer,
    "pr_flags" integer,
    "pkts" bigint,
    "bytes" bigint,
    "next_hop" inet
);
This one really piqued my interest...
C
| Charles Sprickman | Internet Channel | INCH System Administration Team | (212)243-5200 | spork@inch.com | access@inch.com
On Wed, 7 Nov 2001, Larry Rosenman wrote:
* Charles Sprickman <spork@inch.com> [011107 16:05]:
Hello all,
I just discovered Postgres (after having used MySQL for some time), and it has some IP datatypes. I'm looking to stuff all of our IP allocations into a db for easier allocation/tracking, and I'm just thrilled to see that I can store IPs/networks natively.
Before I get too far into this, are there any pre-existing packages out there to help manage IP allocation? Does anyone have anything homegrown, and would you be willing to share some pieces, even just a schema, or advice? I don't want to dive in and find that I've laid everything out poorly and painted myself into a corner...
Go look in the archives around May-July for posts from me.
I've done exactly this, and shared SOME of my stuff.
I can't release any more, but it's in the archives.
Thanks,
Charles
| Charles Sprickman | Internet Channel | INCH System Administration Team | (212)243-5200 | spork@inch.com | access@inch.com
-- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 972-414-9812 E-Mail: ler@lerctr.org US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749