In MARIU16/proyecto_master: What the package does (short line)
Suricata / Snort Ruleset to detect and block bad SSL connections in your network.
Abuses include botnets, malware campaigns and banking malware.
Many entries are associated with networks based on popular bots and malware such as Zeus, Shylock and kinships attacks.
The origin source updates every 15 minutes.
Objective: Cross the black list obtained from the following link: 'https://sslbl.abuse.ch/blacklist/sslipblacklist_aggressive.rules': base on the list of ip's by country to determine the origin of the attacks.
Ip's black list (SSLBL) can be used to compare with any ip's log and know who had visit a page, etc.
The next table shows the black list.
library(proyectomaster)
library(iptools)
q<-proyectomaster::get_blacklist_abuse()
q
The range of ip's by countries was downloaded from: Geolite web page: Geoplite
Then we realized the matching between the SSLBL and IPS by countries and the following result was obtained
library(proyectomaster)
library(iptools)
s<-proyectomaster::get_number_blackip_coutry()
s
And finally we show the result
Map
library(proyectomaster, warn.conflicts = FALSE)
library(iptools)
library(rworldmap, warn.conflicts = FALSE, warning(call. = FALSE))
proyectomaster::plot_map()
More information via (GitHub)
Master en Cybersecurity Management - Universidat Politécnica de Catalunya UPC
MARIU16/proyecto_master documentation built on May 7, 2019, 2:04 p.m.
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
Suricata / Snort Ruleset to detect and block bad SSL connections in your network.
Abuses include botnets, malware campaigns and banking malware.
Many entries are associated with networks based on popular bots and malware such as Zeus, Shylock and kinships attacks.
The origin source updates every 15 minutes.
Objective: Cross the black list obtained from the following link: 'https://sslbl.abuse.ch/blacklist/sslipblacklist_aggressive.rules': base on the list of ip's by country to determine the origin of the attacks.
Ip's black list (SSLBL) can be used to compare with any ip's log and know who had visit a page, etc.
The next table shows the black list.
library(proyectomaster) library(iptools) q<-proyectomaster::get_blacklist_abuse() q
The range of ip's by countries was downloaded from: Geolite web page: Geoplite
Then we realized the matching between the SSLBL and IPS by countries and the following result was obtained
library(proyectomaster) library(iptools) s<-proyectomaster::get_number_blackip_coutry() s
And finally we show the result
Map
library(proyectomaster, warn.conflicts = FALSE) library(iptools) library(rworldmap, warn.conflicts = FALSE, warning(call. = FALSE)) proyectomaster::plot_map()
More information via (GitHub)
Master en Cybersecurity Management - Universidat Politécnica de Catalunya UPC
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
Embedding an R snippet on your website
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.