Visualising networked attacks using fail2ban, GeoIP and Mapnik. Demo at:
JavaScript Python
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
data
fonts
images
interactive
templates
CHANGELOG
INSTALL
README
add_bandit.py
config.ini
draw_map.py
my_functions.py
notes.txt
update_geoip.py
write_kml.py

README

README for Banditvis
====================
Thomas Steinbrenner <thomas@thomas-steinbrenner.net>
v0.3, August 2012
This software is licensed under the GNU Lesser General Public License.

== General

Hi!

Banditvis is an open source project to visualise the origin of networked attacks.
In detail it uses fail2ban to detect, GeoIP to locate and Mapnik to visualise.

== Requirements

* fail2ban (Debian: fail2ban, http://www.fail2ban.org/ )

* Python >= 2.6.6 (Debian: python, http://www.python.org/ )
* Python GeoIP >= 1.2.4 (Debian: python-geoip, http://www.maxmind.com/app/python/)
* Python Mapnik >= 0.7.1 (Debian: python-mapnik, http://mapnik.org/)
* Python Psycopg2 >= 2.2.1 (Debian: python-psycopg2, http://initd.org/psycopg/)
* Python Imaging Library >= 1.1.7 (Debian: python-imaging, http://www.pythonware.com/products/pil/)

* PostgreSQL >= 8.4.7 (Debian: postgresql, http://www.postgresql.org/)
* PostGIS >= 1.5.1 (Debian: postgresql-8.4-postgis, http://postgis.refractions.net/ )

== Installation

see INSTALL file
If you are having trouble, please don't hesitate to contact me!

== Configuration

* Customise config.ini

== Usage

* add_bandit.py ip_address [offence]: add an attack to the database.
* draw_pointmap.py: draw the visualisation.
* update_geoip.py: Try to download a new GeoIP database.
* write_to_kml.py: Write the current Databays to a .kml file.

== Disclaimer

This software is licensed under the GNU Lesser General Public License.
This project follows no commercial interests whatsoever and is purely done in the author's spare time.
The author cannot be held responsible for harm or damage done by using this software.
Also like the authors of third party tools used in this project, the author cannot guarantee the accuracy of produced outputs. (So please don't invade countries because of wrong border data e.g. ;) )

== Third-party tools
=== Redistributed

* (data/shapes/*) World Borders Shape file from http://thematicmapping.org/downloads/world_borders.php
* (fonts/LinLibertine_Bd-4.1.5) Linux Libertine Font from http://sourceforge.net/projects/linuxlibertine/

=== Used

* (data/GeoIP/*) Maxmind: This product includes GeoLite data created by MaxMind, available from http://www.maxmind.com/
* OpenLayers: http://openlayers.org/