
README file for Panoptis
Constantinos A. Kotsokalis || ckotso@grnet.gr

1. What is Panoptis?

Panoptis is a project aiming at detecting and stopping DoS and DDoS attacks that bring the Internet to its knees every day. It tries to do that by processing Cisco(R) NetFlow(TM) data.

2. What do I need to use it?

First, you need a router that exports NetFlow(TM) data. Versions 1, 5 and 8 are supported, although version 8 has not been tested AT ALL. You also need a server to accept data and process it.

In order to compile the software you need a C++ compiler (tested only with g++ for the time being) and the CommonC++ library, found at http://www.gnu.org/software/commonc++/CommonC++.html. At the moment the software has been linked against and tested with commoncpp2-1.0.9.

YOU WILL ALSO NEED g++ VERSION 3.x!!! This is very important! Compiling with g++ 2.95.x or earlier versions causes segmentation faults in some cases. This has to do with CommonC++, not Panoptis.

Before you can use the software, you must also have read SNMP access to your router. That is only needed by the speeds.py script that collects some initial information (the .py extension should already make you think you'll need the Python programming language installed -- that's true :)).

3. Ok I'm all set, now what?

First, compile the software:
# ./configure
# make

Note that after the configure script has finished, you'll have to edit the Makefile to link against libxml, if you have linked CommonC++ against it (that is if you have not used the --disable-xml switch when configuring CommonC++).

DON'T ``make install'', the code to handle that is not there yet -- it's a little spot that needs to be fixed and will be soon.

Then, change to the "panoptis" directory and run the speeds.py script like this:
# ./speeds.py myrouter-address.my-isp.com ifspeed.txt

After that, edit the configuration file. Information on its format is available in the sample file provided with this release (config.txt). Then, edit the mail.py script and change the SMTP_SERVER, FROM_ADDR, TO_ADDR and BASE_URL variables according to your configuration.

You're now ready to go. For Bourne shell type:
# ./panoptis -c config.txt -s ifspeed.txt > panoptis.log 2>&1 &
For csh/tcsh type:
# ./panoptis -c config.txt -s ifspeed.txt >& panoptis.log &

All the output is directed to panoptis.log. In order to use the web interface, copy the pview.py script to your cgi-bin directory, and edit it to change the REMOTE_HOST variable (you'll see it at the beginning of the script).

Bear in mind that this is a beta release, and it might not work as expected or may yield errors. You can always contact me (ckotso@grnet.gr) and let me know of such errors or other strange behavior.

