Changes between Version 9 and Version 10 of GENIExperimenter/Tutorials/NFV/Ryu/HandlingIntrusionwithRyu-portscanning
- Timestamp:
- 10/30/17 17:34:07 (7 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
GENIExperimenter/Tutorials/NFV/Ryu/HandlingIntrusionwithRyu-portscanning
v9 v10 248 248 Attack Analyzer reads the snort alerts saved on Controller node and makes decisions about which IP addresses to block. Attack analyzer is the “brain” on the attack control system. It reads the file ''/tmp/snortalerts'', which is generated by RINA on controller node and outputs ''/tmp/attacker.txt'' file which has IP address of all the nodes that Attack Analyzer decides to block based on snort alerts. 249 249 250 251 250 1. In a separate window for Controller, download the Attack Analyzer application and run it. 251 252 ''' wget https://raw.githubusercontent.com/akhtarnabeel/public/master/AttackAnalyzer/AttackAnalyzer.py ''' 253 254 2. Run the attack analyzer application on controller node 255 256 ''' python AttackAnalyzer.py -f /tmp/snortalert ''' 252 257 253 258