My next class:
Network Monitoring and Threat Detection In-DepthSingaporeNov 18th - Nov 23rd 2024

New Feature: Subnet Report

Published: 2015-02-26. Last Updated: 2015-02-26 18:17:29 UTC
by Johannes Ullrich (Version: 1)
1 comment(s)

We do have a new way to search our data more efficiently by subnets. Right now, the data will cover recent reports to DShield and a few of external feeds that we include. You can access the new report here: https://isc.sans.edu/subnetquery.html

I am still monitoring the impact the queries have on our overall database performance. For now, you are limited to 3 queries per minute if you are not logged in. 

And as a reminder: The data is only as good as the data we receive. Please consider contributing your own data. See https://isc.sans.edu/howto.html for details. We do also access web server error logs (see: 404 project) and Kippo SSH honeypot logs.

In case of high database load, you will be redirected back tot he index page (index_cached.html), 

 

---
Johannes B. Ullrich, Ph.D.
STI|Twitter|LinkedIn

Keywords: dshield feature
1 comment(s)
My next class:
Network Monitoring and Threat Detection In-DepthSingaporeNov 18th - Nov 23rd 2024

Comments

When I enter an IP I don't see any results. After clicking "Search" I'm returned to the same page with the IP address removed, but the /xx maintained. Is this the return to the index page during high traffic periods?

Diary Archives