User login

Jacob Willetts's blog

04

May

2015

This week and last I implemented a few basic filters, configured the time series graph scales and added a table displaying the most prominent flows and the associated device.
Turns out pcap doesn't store direction information so I couldn't implement the ingress/egress filter. pcap-ng supports direction though Libtrace doesn't support this format yet. Should be easy enough to implement when I have the information available.
Recently I have been planning my presentation which is this Wednesday.
Plan on seeing Brad either this week or next week to get NetFlow configured so I can start working with real data.

11

Apr

2015

The first few weeks I focused on the blurb and proposal.

Throughout the next few weeks I installed and got familiar with Python, Django (web application framework), SQLite (database) and Flot (Javascript graphs). My aim was to get the web page layout completed so that I can focus on collecting, storing and querying the Netflow data.

I found a trace file and wrote a script to output Python code which I piped into the Python terminal to save it to a SQLite database. I then queried the data in Django and graphed some information including protocol counts and a usage timeline.

Last week I discovered Shane's Libprotoident library for application layer protocol identification for flows. I thought it would be great if I could utilise this to display application information for the flows I will collect. I went to see Shane, who told me a previous students project used Libprotoident to request the type of information I would like. I will look into this over the next few weeks.

This week I have been busy with assignments. I hope to continue with the web interface early next week.