You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The tool needs a way to allow for the import and storage of individual listener results into a local database for easier analysis.
This means that I will likely need to restructure the data and add some new flags to listen mode do that connections can be correlated in analysis mode.
This logically extends to offering a frontend of some kind that visualizes the connections.
As for the data output I'm leaning towards having the listener output JSON that contains rich information on detected connections. Something like the following should work, and be easily parsable by an aggregator / analysis mode. The listener assumes that any connections were open ones and not filtered in any way. Though at some point I could probably extend the results from the scanner to provide more details and correlate those with the listener results.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
The tool needs a way to allow for the import and storage of individual listener results into a local database for easier analysis.
This means that I will likely need to restructure the data and add some new flags to listen mode do that connections can be correlated in analysis mode.
This logically extends to offering a frontend of some kind that visualizes the connections.
As for the data output I'm leaning towards having the listener output JSON that contains rich information on detected connections. Something like the following should work, and be easily parsable by an aggregator / analysis mode. The listener assumes that any connections were open ones and not filtered in any way. Though at some point I could probably extend the results from the scanner to provide more details and correlate those with the listener results.
{ "network_tag": "network-a", "listener_ip": "192.168.1.10", "timestamp": "2024-10-17T15:30:00Z", "connections": [ { "source_ip": "192.168.2.5", "source_port": 34567, "target_port": 8080, "protocol": "tcp", "timestamp": "2024-10-17T15:31:05Z" }, { "source_ip": "192.168.3.1", "source_port": 45678, "target_port": 53, "protocol": "udp", "timestamp": "2024-10-17T15:31:10Z" } ] }Beta Was this translation helpful? Give feedback.
All reactions