Note: I haven't had time to set this up and try it myself, but the sample output looks good. I will update this page with more information when I have had time to check out the tool.
Updated version posted on August 22, 2001. This version now supports negative UTC time zones.
Capricorn Consulting has a demo of a BorderManager packet filter log analyzer tool at http://www.capricorn.de:8887.
Their tool (runs on Linux) is free, and you can download it here. Here is the description of the tool I got via email:
The date will be updated every 2 minutes (you can change this), and you will be able to view all the old log files. For each entry, all information is displayed: source:port - dest:port - protocol - flags - direction. All sort functions (i.e. per source IP or dest. IP), links to whois and information about the attacks on this port in the last days, and statistical functions: attacks per IP / port etc. Alerting per email or pager on special log entries.
See this link for a brief explanation of the fields in a packet filter log.