Author Topic: Maybe new create new field in base ip?  (Read 9431 times)

November 20, 2007, 02:38:31 pm

BigIron

Sorry, I'm from Russia and don't speak English well :(

But I'm analysing some types of traffic on some internet providers (my work is building routers on PCs for small providers, that's my little job),
and sometimes we have attacks on these servers. I collect statistics, and at that time
I understood that the lists need (besides IP and DN):
1. Last check
2. Weight!!! (of course with some methods? I don't understand how to say this correctly...)
3. Reason (that can be in your base).

And, if you need some IPs of attackers (and the reasons why they are named 'attackers', and some with recorded traffic - I record with tcpdump -w, which some scripts start from cron every ~5 minutes, depending on activity).

Sorry if my English is bad.
But more than 90 percent of Russian admins (that's from practice) are FAT and very stupid (or maybe greedy?), and don't think about what they are doing!!!
And I need support people, who understand what they are doing!

November 21, 2007, 05:17:40 pm
Reply #1

JohnC

Hello and welcome to the forum.

1. As the list doesn't update itself it is done manually, it would mean adding the check time next to every entry when I add it. The closest thing at the moment, which would show recent entries would be the update page. http://www.malwaredomainlist.com/update.php
If I decide to automate the process though, this would be very useful to add.
2. Filesize? Again, because entries are checked manually and most of the files are not stored, it would mean adding an entry for filesize each time. If in the near future we do automate it, I will try and have some additional information such as this, and perhaps MD5 etc...
3. Description will describe the reason for why the domain is listed.


November 21, 2007, 08:48:04 pm
Reply #2

sowhat-x

...a small thought/suggestion...
since a lot of people seem to find convenient the "update.php" page,
maybe it would be useful if it was mentioned right in the main page,
e.g. below the "Looking for Storm?" link...
say like "Interested in latest additions and updated entries?"...

November 22, 2007, 01:30:43 am
Reply #3

BigIron

Maybe I can take a hint?
The database may be in raw format, but the only thing needed is a trusted location of fields! This is useful.
But I can't use your method for transfer (I'm using an SSL connection to FTP, and in a network over VLAN...)
Maybe I don't understand you correctly, sorry.

And this:
maybe I can help you with generalization to solve the problem with some attacks.
Some time ago I could use a cluster of 16xPentiumI with my system, and used clusterization of the weight of polls.
Weight collects discretes; discretes are simple episodes/categories of attacks. Some attacks include methods of other attacks,
and in the future we have some stabilized clusters of attack types and don't lose the time needed for computing.
Of course, methods of re-sorting the lists by priority are very much needed! - this is a separate topic. This is all recursia - this is about using time (maybe the word 'recursia' is wrong? I don't have a good dictionary).

I want to say more, but it is very hard for me to write.
But I'll say more, this:
Clusters, only clusters.
But no systems correctly support a space of integers/code (as one element), and they don't provide instruments like a tree - as an element of the element "cluster" (maybe that can be said differently? (about the tree) I don't understand how to say this correctly.)
Next. We have a unified calculating tree - and something is needed! - Contexts! Unified contexts! And this works.
And also, with a simple correlator in the kernel, the job goes better. This gives more information about clusterized systems (links of systems) and more objective data. And we can use these functions in the reverse process (first - learn, second - teach :) )

And the features that have angered me, unusable - integers with fixed limits, this needs to have a place!! Grrrr! And some objects, translated in many
documents like ".c" !!! But if I can't know about them? - Grrrr! Something else... ah.. I forgot. And archives of data, history, distribution - I solve this and some more on a low level. - I'm sure this doesn't take the programmer's time!

And some time ago I constructed my system for that (space of code). With it I solved the problem of distributing calculation across many machines at a low level, and some fundamental problems too. The idea came to me around 1999-2000.
This system may be used in different ways, for example for self-learning protocols (electrical), and I also use it for a library (for compression and fast searching of words/contexts).....

I hope that in the near future I will sort out everything I have on this project and give it out for free, maybe under the GPL.
But ideas are free forever ;)
And if I can help someone, I'll be very happy.

P.S.
Sorry, maybe I've made some flood?