Contact me

General

<< <  Page 2 of 5  > >>

May 26, 2014
Category: General
Posted by: thepacket

The L7-filter classifiers haven't been updated since 2009 and for anyone who has worked with L7-filter... well... you know how well it works. I did some sniffing for DNS and HTTP and it seems that the regular expressions are either wrong or don't work at all. Also there are no available Shared Object classifiers other than the ones in pmacct (or i didn't look hard enough). But since there is no limitation on how to use either the RE or the SO i will include a class table in the project and (just for now) i will use the ones that come with the L7-filter. I will probably look into either one and do a performance comparison. In the mean time I hope Paulo eventualy sees my mails and respond.

If any of you guys have any working classifiers please be so kind and mail them to me. I will include them in the final release and they will also work on the live demo here. thanx

May 23, 2014
Category: General
Posted by: thepacket

Added GeoIP capability from pmacct. Now the visualizer will also export the country of origin IP. There's still a lot of work to be done. It seems that historical information is not stored within the db so I will have to make a new table for every interval i need (5m-30m-2h or so). The first release will also have an automated IP-to-DNS function so you wont have to dig that information as well.

Since the Virgo Release Candidate will be completely rebuilt, feel free to mail me with capabilities you would love to have and i'll see what i can do...

May 7, 2014
Category: General
Posted by: thepacket


The honeyspot reached 100 installations yesterday. Thanx guys. If anyone needs a new feature just drop a line in my mail, I am a bit busy at the time but I'll be sure to include it in the next version. Cheers...