[dns-operations] Taste of future - DSC2

Rickard Dahlstrand rickard.dahlstrand at iis.se
Wed Aug 17 15:25:11 UTC 2011 

Hi Beda,

Great news!! Looking forward seeing your implementation.

We are hard at work fixing up the GUI and will soon make a 1.0-release. It's much improved but still only a proof of concept. Last week we added support for mouse-over tooltips on the ip-adress that is showing the status of an IP according to www.projecthoneypot.org. Really useful when looking at abusers and bots.

The spring project was really about making the collector as fast and versatile as possible, and we will spend most of our resources this fall into trying to build a useable GUI-application, and getting your input would be great.

Contact me know off list and we can setup a phone-conference and get your input.

Rickard.

17 aug 2011 kl. 16:01 skrev Bedrich Kosata:

> Hi Rickard,
> 
> we really like PacketQ and we would like to use it in DSC2 as well.
> One of the uses would be as a replacement for the collector process, 
> which would be replaced by a simple pcap dump. The produces pcap file 
> would then be mined via PacketQ and possibly stored for later use.
> A second and more interesting use would be to connect each data point in 
> DSC with a link to a pcap file and allow the user to go from a selected 
> data point in DSC directly to PacketQ GUI and examine and incident or 
> irregularity in more detail.
> Such an arrangement would give the user ultimate power to analyze his 
> data both at the macro and microscopic levels.
> I hope that we will soon be able to demonstrate such a functionality in 
> a live demo.
> 
> Best regards
> 
> Beda
> 
> 
> On 08/17/2011 02:55 PM, Rickard Dahlstrand wrote:
>> Hi Ondřej,
>> 
>> Have you had a look at our new tool PacketQ  https://github.com/dotse/packetq/wiki , it's really fast for processing PCAP-files offline, eats SQL-queries directly and might give you a more flexible solution for processing the traffic.
>> 
>> We have build a solution the runs statistics on the collected PCAPs every 5 minutes and stores them as .JSON-files. PacketQ can then process these JSON for a day, week, month or year in seconds and feed these using AJAX/JSON to a simple jQuery-GUI.
>> 
>> I recently recorded this screencast to show off some of the capabilities, it's available here: http://www.youtube.com/watch?v=70wJmWZE9tY
>> 
>> Rickard.
>> 
>> 17 aug 2011 kl. 14:42 skrev Ondřej Surý:
>> 
>>> Hi,
>>> 
>>> this is really WIP, but you can taste what we are working here
>>> based on the last year discussion on the future of DSC:
>>> 
>>> http://devpub.labs.nic.cz/dsc_ng/test_dygraph/
>>> 
>>> Works best in a modern browser.
>>> 
>>> The graphs there are based on the real data from DSC collector,
>>> which are imported into the PostgreSQL database and presented
>>> on top of the Django framework (go, go, Python).
>>> 
>>> We plan to implement more eyecandy like graph mashups, and more.
>>> 
>>> It's not the "show the code" quality yet, but we will release
>>> the source code to play with in few weeks.
>>> 
>>> O.
>>> --
>>> Ondřej Surý
>>> vedoucí výzkumu/Head of R&D department
>>> -------------------------------------------
>>> CZ.NIC, z.s.p.o.    --    Laboratoře CZ.NIC
>>> Americka 23, 120 00 Praha 2, Czech Republic
>>> mailto:ondrej.sury at nic.cz    http://nic.cz/
>>> tel:+420.222745110       fax:+420.222745112
>>> -------------------------------------------
>>> 
>>> _______________________________________________
>>> dns-operations mailing list
>>> dns-operations at lists.dns-oarc.net
>>> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
>>> dns-jobs mailing list
>>> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
>> 
>> _______________________________________________
>> dns-operations mailing list
>> dns-operations at lists.dns-oarc.net
>> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
>> dns-jobs mailing list
>> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
> 
> 
> -- 
> Bedrich Kosata
> CZ.NIC Labs <http://labs.nic.cz>
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs

More information about the dns-operations mailing list