mushorg / buttinsky

Botnet monitoring is a crucial part of threat analysis and is often neglected due to the lack of proper open source tools. Our tool will provide an open source framework for automated botnet monitoring. The modular design will allow full customization of the protocols used, the monitoring clients' behavior, how we log the collected information, how the data is processed to analyze a botnet's purpose, size and threat, and how the monitoring tasks are distributed between dedicated nodes.
http://buttinsky.org
GNU General Public License v3.0

Add support for UDP sockets #23

Closed pjlantz closed 11 years ago

adepasquale commented 11 years ago

Here's a pull request for a draft implementation: https://github.com/buttinsky/buttinsky/pull/24

I don't know if that's what you meant; please let me know if there's more work/refactoring to be done.

glaslos commented 11 years ago

Looks good so far. If you agree regarding "TCP/UDP should be configurable", I'll accept and you can follow up with whatever we agree upon :)

adepasquale commented 11 years ago

I agree, is it ok to add a connection_type field to the settings file?

glaslos commented 11 years ago

Shouldn't it be connection_protocol_type to be correct?

adepasquale commented 11 years ago

What about keeping a layer_ prefix like network_protocol_type? Also, I'd like to configure host, port and protocol in the same place. Do you think it's best using gevent_client.Client.__init__() or Layer1.settings()?

glaslos commented 11 years ago

I'd do it in the Client as it is more related to it.

glaslos commented 11 years ago

Do you have anything left to do for this issue?

adepasquale commented 11 years ago

IMO the issue could be closed. Thanks for your help.

glaslos commented 11 years ago

Done thanks to Andrea