Friday, July 18, 2008

Afterglow visual from Amun sensor

Splendid, awesome.. whatever....!



sourcefile

dotfile

csvfile

2 comments:

Joey aka Rizal said...

What does this graph shows?
Do explain? am a bit curious...

mnajem said...

the distributed IPs were source of botnet/malwares, attacking/attempt to infect the honeypot (dot 139).

DCOM and PNP were the types of vulnerabilities classified.

the vulnerabilities emulated in Amun for e.g derived from MS vuln bulletin(PNP and DCOM vuln), maybe u can check code MS05-039 and MS03-026