Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/oguzy/ovizart
https://github.com/oguzy/ovizart
Last synced: 2 months ago
JSON representation
- Host: GitHub
- URL: https://github.com/oguzy/ovizart
- Owner: oguzy
- License: gpl-3.0
- Created: 2012-04-06T12:32:19.000Z (about 12 years ago)
- Default Branch: master
- Last Pushed: 2013-04-22T08:13:03.000Z (about 11 years ago)
- Last Synced: 2024-01-25T13:04:29.224Z (5 months ago)
- Language: JavaScript
- Homepage:
- Size: 7.58 MB
- Stars: 46
- Watchers: 12
- Forks: 15
- Open Issues: 7
-
Metadata Files:
- Readme: README
- License: LICENSE
Lists
- awesome-honeypots - ovizart - Visual analysis for network traffic. (Data Tools)
- paralax-awesome-honeypots - ovizart - visual analysis for network traffic. (<a name="visualizers"></a> Data Tools)
- awesome-honeypots - ovizart - Visual analysis for network traffic. (Data Tools)
- awesome-honeypots - ovizart - Visual analysis for network traffic. (Data Tools)
- -awesome-honeypots- - ovizart - Visual analysis for network traffic. (Data Tools)
- awesome-honeypots - ovizart - Visual analysis for network traffic. (Data Tools)
- fucking-awesome-honeypots - ovizart - Visual analysis for network traffic. (Data Tools)
README
Installation
* Install zc.buildout:
At Ubuntu this is done via the command below
$ sudo apt-get install python-zc.build
* Run the buildout command to initialize and install the requirements
$ cp buildout.cfg.org buildout.cfg
$ python bootstrap.py
$ buildout2.7
* install mongodb server
$ sudo apt-get install mongodb-server
You may test the mongodb running my writing mongo to he command line
it you see an shell like below then you may continue with bro installation
$ mongo
MongoDB shell version: 2.0.4
connecting to: test
Requirements for Bro installation
$ sudo apt-get install libmagic-dev libgeoip-dev libpcap-dev libssl-dev libncurses5-dev g++ bison flex cmake swig2.0 make gcc g++ python-dev swig zlib1g-dev
$ ./configure --enable-debug
$ make
$ sudo make install
$ cd /usr/local/bro/bin
$ sudo broctl
$ install
$ start
$ stop
$ check
$ exit
$ /usr/local/bro/bin/bro -C -r pcap_fille.name should be working
* Bro is used both for protocol detection and TCP reassembly. To let Bro handle assemble the contents, a file should be changed. If you installed Bro to /usr/local/bro/ then edit the file /usr/local/bro/share/bro/base/protocols/conn/contents.bro as below
## If this variable is set to ``T``, then all contents of all connections
## will be extracted.
const default_extract = T &redef;
* make a directory named "uploads" where the setting.py file is.
$ mkdir uploads
$ chown a+w uploads
* tshark is required for an alternative method to detect application layer protocols where bro fails
$ sudo apt-get install tshark
* If you got backend errors like "django.core.exceptions.ImproperlyConfigured: 'django_mongodb_engine' isn't an available database backend."
install the django-mongodb backend manually
$ pip install hg+https://bitbucket.org/wkornewald/django-nonrel
$ pip install hg+https://bitbucket.org/wkornewald/djangotoolbox
$ pip install git+https://github.com/django-nonrel/mongodb-engine
Django projects requires a table creation first
$ bin/django syncdb
The project uses hachoir Python library, install them also
$ sudo apt-get install python-hachoir-* (i should add this part to the buildout configuration also)
* to handle smtp, it is required to install tcpflow. After checking the results of Bro and Tcpflow, for smtp, the created flows files seem more manageable.
$ sudo apt-get install tcpflow