DDoS monitoring and alert [closed]

Question

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.

---

Want to improve this question? Update the question so it's on-topic for Stack Overflow.

Closed 2 years ago.

Improve this question

I want to monitor my network against DDoS and found a screen shot of DDoS monitoring alert by someone. Can any one let me know which software is this after seeing snap shot.

Answer 1

I don't recognise this specific gui, but it could be a customization of snort Gui's.

You can use snort to achive your goal, there are 4 snort gui project active by today. here is a description:

BASE

The Basic Analysis and Security Engine was based off of the old ACID code codebase. The ACID GUI interface (which is now dead, and has been for about five or six years) was a college project written by an attendee of Carnegie Mellon. It hasn't been actively developed since about 2003. BASE, a fork of the ACID code, picked up where the original author left off, added a bunch of new features, and made it easy to use, multi-language, and a highly functional GUI. There were plans for a redesign of BASE, including the database format that it reads from, but Kevin Johnson, the original BASE project manager has since left the project and turned the project over to new management. However, it remains the most popular Snort GUI interface with over 215,000 downloads. BASE is written in PHP, and has several dependencies. BASE has it's own IRC channel #secureideas, although there is rarely anyone there, so most people come to the default #snort for help.

Snorby

A relative newcomer to the Snort GUI area, Snorby uses a lot of "Web 2.0" effects and rendering providing the user with a very sharp and beautifully functioning tool. This seems to be the current "go-to" web interface for Snort. While it has many of the features of BASE (and a lot more, hotkeys, classifications, an iOS interface, and actual pdf reporting), and not as featured as SGUIL (in terms of architecture), it's extremely easy to deploy, looks fantastic, and functions as an alert browser very well. Snorby's code is hosted on Github, here. Another advantage of Snorby is that it integrates with the OpenFPC project. Functioning similar to how SGUIL collects all information on the network using Full Packet Capture (FPC), Snorby gives you the ability to not only view the Snort alert, but also to view the alerts in context with the rest of the packet flow on the network. Snorby's IRC channel can be found at #snorby.

SQueRT

Paul wrote in about SQueRT. SQueRT uses the SGuil database format and is also web based. You can see the screenshots and download it at the link above.

There is a comparison of that three too here

There are many more projects but are currently inactive with exception of the squil. The most active projects by today, that you can use are SQueRT and Snorby