Detect high numbers of outgoing connections per user. Maybe use Snort?

Ukończone Opublikowano Feb 13, 2012 Płatność przy odbiorze
Ukończone Płatność przy odbiorze

I'd like to detect abusive network traffic outgoing from my server (caused by different users on the server, maybe they're infected by a virus).

I'd like a solution that I can install as root on the server and that'll alert me if the number of outgoing connections per user (each has a unique private IP) per 1-minute time interval exceeds some threshold. Alert me simply by calling an HTTP POST webservice.

This needs to work on Ubuntu 10.04 LTS

In your bid, please specify what path you would take to solve this. Use Snort, or some other existing package? Or build something custom with iptables?

I'll also need a script to install/deploy the solution on the server.

Inżynieria Linux Zarządzanie projektem Instalowanie skryptów Shell Script Architektura oprogramowania Testowanie oprogramowania Administrator systemu

Numer ID Projektu: #2711343

O projekcie

4 ofert Zdalny projekt Aktywny Feb 28, 2012

Przyznany użytkownikowi:

kobor

See private message.

$42.5 USD w ciągu 22 dni
(75 ocen)
4.9

4 freelancerów złożyło ofertę za $216 w tym projekcie

tiborveres

See private message.

$250.75 USD w ciągu 22 dni
(25 Oceny)
5.6
njcole

See private message.

$150 USD w ciągu 22 dni
(12 Oceny)
5.4
klarakarl

See private message.

$420.75 USD w ciągu 22 dni
(17 Oceny)
4.8