Project author: D4-project

Project description:
analyzer-d4-ipa (ICMP Passive Analysis)
Language: Python
Project URL: git://github.com/D4-project/analyzer-d4-ipa.git
Created: 2019-09-17T12:32:01Z
Project community: https://github.com/D4-project/analyzer-d4-ipa

License: GNU Affero General Public License v3.0


# ICMP Passive Analyzer - D4 IPA

Reads a pcap file and analyzes ICMP packets to detect potential DDoS attacks
(guaranteed gluten free)

## Installation

**REQUIREMENTS:**

  • This analyzer requires pipenv and redis 5.0 or above.
  • You need Python 3.6 or later to run this.

**SETUP:**

First, you need to install pipenv:
```shell script
pip install pipenv
```

Then clone redis where you want it installed:
```shell script
git clone https://github.com/antirez/redis.git
cd redis
git checkout 5.0
make
cd ..
```

You can finally clone this repo on your machine and simply set up the virtual environment with pipenv like so:
```shell script
git clone https://github.com/D4-project/analyzer-d4-ipa.git
cd analyzer-d4-ipa
pipenv install
```

## Usage

#### Start the redis server

Don't forget to set the DB directory in the redis.conf configuration. By default, the redis for IPA is running on TCP port 6405.
```shell script
../redis/src/redis-server ./etc/redis.conf
```

#### Configure and start the D4 analyzer

```shell script
cd ./etc
cp analyzer.conf.sample analyzer.conf
```

Edit analyzer.conf to match the UUID of the analyzer queue from your D4 server.
```shell script
[global]
my-uuid = 6072e072-bfaa-4395-9bb1-cdb3b470d715
d4-server = 127.0.0.1:6380
# INFO|DEBUG
logging-level = INFO
```

#### Start the analyzer

```shell script
cd ../bin
python3 run_ipa.py
```

If you have local pcaps stored in a dataset that you want to analyze, use the -p argument and specify the absolute path of the dataset root folder.
```shell script
python3 run_ipa.py -p /absolute/path/to/dataset/root
```
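As an added, self-contained illustration of what passive ICMP analysis over a pcap involves (example code written for this page, not analyzer-d4-ipa's own logic), the block below parses a classic pcap in pure Python, counts ICMP echo requests per destination address, and flags destinations that receive more than a hypothetical threshold. The pcap is constructed in memory so it runs offline; the 192.0.2.x and 10.0.0.x addresses and the threshold of 100 are sample values, not from the project.

```python
import struct
import socket
from collections import Counter

ETH_IPV4 = 0x0800
IPPROTO_ICMP = 1
ICMP_ECHO_REQUEST = 8

def build_icmp_echo(src, dst, seq=1):
    """Construct an Ethernet/IPv4/ICMP echo-request frame (sample data, checksums zeroed)."""
    icmp = struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, 0, 0x1234, seq)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0, 0, 64,
                     IPPROTO_ICMP, 0, socket.inet_aton(src), socket.inet_aton(dst))
    eth = b"\x00" * 12 + struct.pack("!H", ETH_IPV4)  # dummy MACs + EtherType
    return eth + ip + icmp

def build_pcap(frames):
    """Wrap raw frames in a classic little-endian pcap file (link type 1 = Ethernet)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", i, 0, len(f), len(f)) + f  # ts_sec, ts_usec, incl, orig
    return out

def count_icmp_echo_by_dst(pcap_bytes):
    """Return {dst_ip: number of ICMP echo requests} found in a classic pcap (not pcapng)."""
    magic, = struct.unpack_from("<I", pcap_bytes, 0)
    endian = "<" if magic == 0xA1B2C3D4 else ">"  # byte-swapped magic means big-endian file
    counts, off = Counter(), 24
    while off + 16 <= len(pcap_bytes):
        _, _, incl_len, _ = struct.unpack_from(endian + "IIII", pcap_bytes, off)
        frame = pcap_bytes[off + 16: off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or struct.unpack_from("!H", frame, 12)[0] != ETH_IPV4:
            continue  # not IPv4 over Ethernet, or truncated
        ihl = (frame[14] & 0x0F) * 4  # IPv4 header length honours options
        if frame[23] != IPPROTO_ICMP or len(frame) < 14 + ihl + 1:
            continue
        if frame[14 + ihl] == ICMP_ECHO_REQUEST:
            counts[socket.inet_ntoa(frame[30:34])] += 1
    return counts

def flag_floods(counts, threshold):
    """Destinations receiving at least `threshold` echo requests (hypothetical cut-off)."""
    return sorted(dst for dst, n in counts.items() if n >= threshold)

# Constructed sample: 200 echo requests from 50 sources to one host, plus one stray ping.
SAMPLE_PCAP = build_pcap(
    [build_icmp_echo("10.0.0.%d" % (i % 50 + 1), "192.0.2.10", i) for i in range(200)]
    + [build_icmp_echo("10.0.0.1", "192.0.2.20")]
)
```

Running `flag_floods(count_icmp_echo_by_dst(SAMPLE_PCAP), 100)` reports only 192.0.2.10; a real analyzer would also window the counts over time rather than over the whole capture.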