GitHub - Tie-fighter/banditvis: Visualising networked attacks using fail2ban, GeoIP and Mapnik. Demo at:

Tie-fighter / banditvis Public

Notifications You must be signed in to change notification settings
Fork 2
Star 10

Visualising networked attacks using fail2ban, GeoIP and Mapnik. Demo at:

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 26 Commits
data		data
fonts		fonts
images		images
interactive		interactive
templates		templates
CHANGELOG		CHANGELOG
INSTALL		INSTALL
README		README
add_bandit.py		add_bandit.py
config.ini		config.ini
draw_map.py		draw_map.py
my_functions.py		my_functions.py
notes.txt		notes.txt
update_geoip.py		update_geoip.py
write_kml.py		write_kml.py

Repository files navigation

README for Banditvis
====================
Thomas Steinbrenner <thomas@thomas-steinbrenner.net>
v0.3, August 2012
This software is licensed under the GNU Lesser General Public License.

== General

Hi!

Banditvis is an open source project to visualise the origin of networked attacks.
In detail it uses fail2ban to detect, GeoIP to locate and Mapnik to visualise.

== Requirements

* fail2ban (Debian: fail2ban, http://www.fail2ban.org/ )

* Python >= 2.6.6 (Debian: python, http://www.python.org/ )
* Python GeoIP >= 1.2.4 (Debian: python-geoip, http://www.maxmind.com/app/python/)
* Python Mapnik >= 0.7.1 (Debian: python-mapnik, http://mapnik.org/)
* Python Psycopg2 >= 2.2.1 (Debian: python-psycopg2, http://initd.org/psycopg/)
* Python Imaging Library >= 1.1.7 (Debian: python-imaging, http://www.pythonware.com/products/pil/)

* PostgreSQL >= 8.4.7 (Debian: postgresql, http://www.postgresql.org/)
* PostGIS >= 1.5.1 (Debian: postgresql-8.4-postgis, http://postgis.refractions.net/ )

== Installation

see INSTALL file
If you are having trouble, please don't hesitate to contact me!

== Configuration

* Customise config.ini

== Usage

* add_bandit.py ip_address [offence]: add an attack to the database.
* draw_pointmap.py: draw the visualisation.
* update_geoip.py: Try to download a new GeoIP database.
* write_to_kml.py: Write the current Databays to a .kml file.

== Disclaimer

This software is licensed under the GNU Lesser General Public License.
This project follows no commercial interests whatsoever and is purely done in the author's spare time.
The author cannot be held responsible for harm or damage done by using this software.
Also like the authors of third party tools used in this project, the author cannot guarantee the accuracy of produced outputs. (So please don't invade countries because of wrong border data e.g. ;) )

== Third-party tools
=== Redistributed

* (data/shapes/*) World Borders Shape file from http://thematicmapping.org/downloads/world_borders.php
* (fonts/LinLibertine_Bd-4.1.5) Linux Libertine Font from http://sourceforge.net/projects/linuxlibertine/

=== Used

* (data/GeoIP/*) Maxmind: This product includes GeoLite data created by MaxMind, available from http://www.maxmind.com/
* OpenLayers: http://openlayers.org/