-----BEGIN PGP SIGNED MESSAGE----- Yesterday I posted on our web pages our first animation of a long-term log analysis. This is a mini-data-mining experiment that I hope you'll like and find interesting. If nothing else, it should spark some discussions about analysis :-) It's an animation derived from all of our syslog records from 12/1996 through 12/2002, showing all the connections into SDSC.EDU from non-US sources. Since we have almost no non-US users, this is a simple way to try to characterize "intent". We started with 3.4 billion records, and filtered/mined down to about 1 million or so. Details of the data and analysis methodology are on the web page. If you run the animation slowly, you will perhaps see the Internet moving into Eastern Europe in the late 90's, and some real spikes from Canada, Mexico, Brazil, Portugal, etc. I'm still not sure *exactly* what I'm seeing in this animation :-), but its a start at visualizing "security". Enjoy. The animation is off our main security web page at: http://security.sdsc.edu/ - -- Tom E. Perrine <tepat_private> | San Diego Supercomputer Center http://www.sdsc.edu/~tep/ | -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Processed by Mailcrypt 3.5.7 <http://mailcrypt.sourceforge.net/> iQCVAwUBPklTDRTSxpWcaAFRAQHE5QP+IbJ7npeOHBgUWBAVdeXalKwgFOAOLGq7 Sld3aN6/fpuM75IJ3SsgBtuVkDlx3HK4CG7zJJWmxgBnR9j7C3Je3tvodPq7ctBG IlvA8/uhYl67uZxhdWvpaz0QndTS9mbFn0LDIe13kQZ4JFdV+ow38mwxKssy+Oni jaJaXjmk7ss= =txXI -----END PGP SIGNATURE----- _______________________________________________ LogAnalysis mailing list LogAnalysisat_private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Tue Feb 11 2003 - 21:42:16 PST