Changes between Version 7 and Version 8 of GENIExperimenter/Tutorials/NFV/Ryu/HandlingIntrusionwithRyu-portscanning
- Timestamp:
- 10/30/17 17:29:45 (7 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
GENIExperimenter/Tutorials/NFV/Ryu/HandlingIntrusionwithRyu-portscanning
v7 v8 246 246 == (5) Run Attack Analyzer == 247 247 248 Attack Analyzer reads the snort alerts saved on Controller node and makes decisions about which IP addresses to block. Attack analyzer is the “brain” on the attack control system. It reads the file <i> /tmp/snortalerts </i>, which is generated by RINA on controller node and outputs /tmp/attacker.txt file which has IP address of all the nodes that Attack Analyzer decides to block based on snort alerts.248 Attack Analyzer reads the snort alerts saved on Controller node and makes decisions about which IP addresses to block. Attack analyzer is the “brain” on the attack control system. It reads the file '' /tmp/snortalerts '', which is generated by RINA on controller node and outputs /tmp/attacker.txt file which has IP address of all the nodes that Attack Analyzer decides to block based on snort alerts. 249 249 250 250