Cyber security geoip attack map that follows syslog and parses IPs/port numbers to visualize attackers in real time.

eddie4/geoip-attack-map

This fork shows attacks from T-Pot

The honeypot software can be found here: https://dtag-dev-sec.github.io/mediator/feature/2016/10/31/t-pot-16.10.html

The JavaScript was made by MatthewClarkMay: https://github.com/MatthewClarkMay/geoip-attack-map

First and Foremost

Thanks to MatthewClarkMay for the first version. Please let me know if you find any bugs.

Cyber Security GeoIP Attack Map Visualization

This geoip attack map visualizer was developed to display network attacks on your organization in real time. The data server connects to Elasticsearch, and parses out source IP, destination IP, source port, and destination port. Protocols are determined via common ports, and the visualizations vary in color based on protocol type. CLICK HERE for a demo video. This project would not be possible if it weren't for Sam Cappella, who created a cyber defense competition network traffic visualizer for the 2015 Palmetto Cyber Defense Competition. I mainly used his code as a reference, but I did borrow a few functions while creating the display server, and visual aspects of the webapp. I would also like to give special thanks to Dylan Madisetti for giving me advice about certain aspects of my implementation.
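The parsing step described above, sketched as an added example (this is not code from this repository): it turns one already-fetched Elasticsearch hit into a map event, validating every field because honeypot data is attacker-influenced. The field names (`src_ip`, `dest_ip`, `src_port`, `dest_port`), the port table and the colors are assumptions, not the project's own values.

```python
import ipaddress

# Assumed port-to-protocol table and colors; the project's own tables may differ.
COMMON_PORTS = {21: "FTP", 22: "SSH", 23: "TELNET", 25: "SMTP", 53: "DNS",
                80: "HTTP", 443: "HTTPS", 445: "SMB", 3306: "MYSQL", 3389: "RDP"}
COLORS = {"SSH": "#ff8000", "TELNET": "#ffff00", "HTTP": "#0000ff",
          "HTTPS": "#0080ff", "SMB": "#ff00ff", "RDP": "#ff0060"}
DEFAULT_COLOR = "#808080"  # used for any protocol without an entry in COLORS

def _port(value):
    """Return value as an int in 0..65535, or raise ValueError."""
    port = int(value)
    if not 0 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    return port

def parse_hit(hit):
    """Turn one Elasticsearch hit into a map event, or None if it is malformed.

    The field names read from _source are assumptions about the honeypot index.
    """
    src = hit.get("_source", {})
    try:
        # Normalize and range-check before anything is forwarded to the browser.
        src_ip = str(ipaddress.ip_address(src["src_ip"]))
        dst_ip = str(ipaddress.ip_address(src["dest_ip"]))
        src_port, dst_port = _port(src["src_port"]), _port(src["dest_port"])
    except (KeyError, TypeError, ValueError):
        return None
    # The protocol is guessed from the destination port only.
    protocol = COMMON_PORTS.get(dst_port, "OTHER")
    return {"src_ip": src_ip, "dst_ip": dst_ip, "src_port": src_port,
            "dst_port": dst_port, "protocol": protocol,
            "color": COLORS.get(protocol, DEFAULT_COLOR)}

# Constructed sample hits using documentation address ranges, not real captures.
SAMPLE_HITS = [
    {"_source": {"src_ip": "203.0.113.7", "dest_ip": "192.0.2.10",
                 "src_port": 51514, "dest_port": 22}},
    {"_source": {"src_ip": "198.51.100.23", "dest_ip": "192.0.2.10",
                 "src_port": "40022", "dest_port": "8081"}},
    {"_source": {"src_ip": "<script>", "dest_ip": "192.0.2.10",
                 "src_port": 1, "dest_port": 80}},
    {"_source": {"src_ip": "203.0.113.9", "dest_ip": "192.0.2.10",
                 "src_port": 70000, "dest_port": 23}},
]

if __name__ == "__main__":
    for hit in SAMPLE_HITS:
        print(parse_hit(hit))
```

A port-based guess labels a service on a non-standard port as `OTHER`, and anything listening on port 22 as SSH regardless of what it actually speaks.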

Languages

  • Python 47.7%
  • JavaScript 27.4%
  • HTML 20.8%
  • CSS 4.1%