317 | | Soon after starting ping message, nmap is used to attack destination. We can use ping output to measure how long it took to detect the attack, by counting the number of successful pings. Here is sample output |
| 317 | Soon after starting ping message, nmap is used to attack destination. |
| 318 | |
| 319 | |
| 320 | 4. As soon as the attack is detected, you will see the IP address appearing on the window for AttackAnalyzer.py. All traffic from this IP address is blocked by AttackAnalyzer. At this point, you can stop the ''PortScanAttack.sh '' file by typing Ctrl+C. |
| 321 | |
| 322 | |
| 323 | |
| 324 | 5. We can use ping output file (ping.log) to measure how long it took to detect the attack. Since each ping request are made 0.2 seconds apart, we can count the number of successful pings. To open ping.log file, type |
| 325 | |
| 326 | ''' cat ping.log ''' |
| 327 | |
| 328 | |
| 329 | Here is sample output |
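Review bot: step 5 (new line 324) measures detection time by counting every successful ping, but new line 317 says nmap starts "soon after" ping, so the count also includes the pings sent before the attack began and overstates the detection time. Suggest telling the reader to note the ping sequence number at the moment PortScanAttack.sh is launched, and to multiply only the successful pings after that point by 0.2 seconds. It is also worth saying that the result is accurate only to about one ping interval. Smaller points in the same hunk: "each ping request are made" should read "is made"; the closing markup in ''PortScanAttack.sh '' on line 320 has a stray space before the quotes; and the command on line 326 is marked up as bold (''' cat ping.log ''') rather than as a literal command, which makes it harder to copy.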