Changes between Version 9 and Version 10 of GENIExperimenter/Tutorials/NFV/Ryu/HandlingIntrusionwithRyu-portscanning


Ignore:
Timestamp:
10/30/17 17:34:07 (7 years ago)
Author:
Nabeel Akhtar
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • GENIExperimenter/Tutorials/NFV/Ryu/HandlingIntrusionwithRyu-portscanning

    v9 v10  
    248248Attack Analyzer reads the snort alerts saved on Controller node and makes decisions about which IP addresses to block. Attack analyzer is the “brain” on the attack control system. It reads the file ''/tmp/snortalerts'', which is generated by RINA on controller node and outputs ''/tmp/attacker.txt'' file which has IP address of all the nodes that Attack Analyzer decides to block based on snort alerts.
    249249
    250 
    251 
     2501. In a separate window for Controller, download the Attack Analyzer application and run it.
     251
     252''' wget https://raw.githubusercontent.com/akhtarnabeel/public/master/AttackAnalyzer/AttackAnalyzer.py '''
     253 
     2542. Run the attack analyzer application on controller node
     255 
     256''' python AttackAnalyzer.py -f /tmp/snortalert '''
    252257
    253258