Closed

DDoS attack Tcpdump log file Analysis Program

Hi.

DDoS attack Tcpdump log file Analysis Program.

I prefer PHP , MySQL , Scripting language.

Dev Server : CentOS 6.3

please read attack file : [url removed, login to view]

oops .. miss spell ... ^^/

please read attach file : todo.txt

===============================
Hi.

Tcpdump log file Analysis Program.

I prefer PHP , MySQL , Scripting language.

Dev Server : CentOS 6.3


==================================================================
[Main Function]
==================================================================
1. [Packet dump start & stop Program]


ex) /sbin/data_dump.php 1.1.1.1 10

argv parameter 1 => 1.1.1.1 ( Destination IP )
argv parameter 2 => 10 minute


** Should be stopped after Specified (10) minutes.


(ex)
/var/log/dump/2012_10_05/1.1.1.1.dmp

************************************************************************************

# tcpdump -i eth0 -nnS -vvv net 101.250.3.72 -X -s 1500 -w 101.250.3.72.dmp
# tcpdump -tttt -r 101.250.3.72.dmp | more

==================================================================
2. [ information extraction & store MySQL database program ]


MySQL table sample


[1. attack_history ]
1. pid :
2. victim_ip : 1.1.1.1
3. dest_port : 80
4. start_time : Y-m-d H:i:s
5. stop_time : Y-m-d H:i:s
6. attack_protocol : tcp, udp , icmp , other
7. packet_lenth : Average packet length
8. attack_type : udp attack , tcp syn attack ...( detail Types of attacks information )
9. max_bits :
10. total_byte : 1000000 ...
11. total_packet : 111111111
.... etc ....



[2. zombie_history]

1. pid :
2. attack_pid :
3. zombie_source_ip : 9.9.9.9
4. source_port : 6000
5. victim_ip : 1.1.1.1
6. dest_port : 80
7. Country : KR , US , JP .... (From GeoIP Library)
8. ISP : KT, SK, .... (From GeoIP Library)
8. ISP manager email : , .... (From GeoIP Library)

9. start_time : Y-m-d H:i:s
10. stop_time : Y-m-d H:i:s
11. victim_ip : 1.1.1.1
12. attack_protocol : tcp, udp , icmp , other
13. packet_lenth : Average packet length
14. attack_type : udp attack , tcp syn attack ...( detail Types of attacks information )
15. max_bits :
16. total_byte : 1000000 ...
11. total_packet : 111111111
.... etc ....


all the packet information should be stored .


==================================================================
3. simple PHP Web report program :
==================================================================

work dir : /var/www/html/

3-1 : Attack history list & Zombie IP List
3-2 : Detailed HTML report. & "MRTG style" chart report.
3-3 : Log download...
..... etc ....



==================================================================
Dev & Test server :
==================================================================

Dev Server : CentOS 6.3

IP : 14.206.6.7

ssh id : root
ssh pass : dev1234
MYSQL : root , dev1234
MySQL Database : dev

Sample TCPDUMP Log file : /home/data/


*** Fast, stable, Real time work.... should be.. ;)

Skills: HTML, Linux, MySQL, PHP


About the Employer:
( 2 reviews ) Incheon, Korea, Republic of

Project ID: #2539521
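
In item 1 of the post, the two command-line arguments end up in a tcpdump command line and in a file path, so they need checking before use. The sketch below is an added example, not part of the post or of any bid: it validates both arguments, builds the dump path, and bounds the run with timeout(1). The function names, the 1440-minute cap and the `dst host` filter are assumptions; `eth0`, the 1500-byte snap length and the /var/log/dump layout come from the post.

```shell
#!/bin/sh
# Added example: argument checks for a data_dump-style capture wrapper.
DUMP_ROOT=/var/log/dump   # directory taken from the post's example path
MAX_MINUTES=1440          # assumed upper bound on capture length (one day)

# Succeed only for a dotted-quad IPv4 address with every octet in 0..255.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # empty, stray chars, bad dots
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                  # split the address on dots
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Succeed only for a whole number of minutes in 1..MAX_MINUTES, no leading zero.
valid_minutes() {
    case $1 in
        ''|0*|*[!0-9]*) return 1 ;;
    esac
    [ ${#1} -le 4 ] && [ "$1" -le "$MAX_MINUTES" ]
}

# Print <DUMP_ROOT>/<Y_m_d>/<ip>.dmp; the date argument defaults to today.
dump_path() {
    printf '%s/%s/%s.dmp\n' "$DUMP_ROOT" "${2:-$(date +%Y_%m_%d)}" "$1"
}

# Validate both arguments, then capture; timeout(1) ends tcpdump on schedule.
data_dump() {
    valid_ipv4 "$1"    || { echo "invalid destination IP" >&2; return 2; }
    valid_minutes "$2" || { echo "invalid duration" >&2; return 2; }
    out=$(dump_path "$1")
    mkdir -p -- "$(dirname -- "$out")" || return 1
    timeout -s INT "$(( $2 * 60 ))" \
        tcpdump -i eth0 -nn -s 1500 -w "$out" dst host "$1"
}

# Usage (as root): data_dump 1.1.1.1 10
```

timeout exits with status 124 when the limit is reached, so a caller should treat 124 as the normal end of a capture.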

4 freelancers are bidding on average $275 for this job

zeke

Available to start immediately and finish as soon as possible. Best Regards, Zeke

$250 USD in 3 days
(149 Reviews)
6.8
logomafia4u

Don't really want to bore you with our profile. If you are interested to see our competitive advantages, please let us know. Now regarding your project, we took a quick look at it and we feel this should be a good

$350 USD in 15 days
(7 Reviews)
4.4
VR26

We are a Web design and development company that focuses on regular communication with our clients and timely delivery for all our projects. Some of the technologies/area that we focus include:

$250 USD in 6 days
(2 Reviews)
2.0
GKTbPl084

Custom software development ([url removed, login to view] Administrator removed this message for containing contact details which breaches our Terms of Service)

$250 USD in 1 day
(0 Reviews)
0.0