geoip-attack-map icon indicating copy to clipboard operation
geoip-attack-map copied to clipboard

Published 20 hours ago verified publisher icon MatthewClarkMay

Plot by dst_ip.

Open beave opened this issue 7 years ago • 5 comments

Hello,

First off I love this map. It's a nice KISS (Keep It Simple Stupid) approach which I've been looking for. Thank you for developing it.

I've been able to feed the map from our SIEM without an issue. One thing I've noticed is the is seems to plot from src_ip -> hqLatLng (from the static/map.js). We have multiple sites around the county and it would be useful for it to plot from src_ip -> dst_ip.

Is this possible with the current code? It seems to take the dst_ip from the feed but I don't see where it actually uses it along with the maxmind data to plot from src -> dst.

If it does not, I'll see what I can kludge together. Thank you again.

beave avatar Apr 19 '17 12:04 beave

I was able to "kludge" the code to do what I wanted. It isn't clean by any stretch, but I could try and clean it up if you think it would be a helpful option to other people.

Also - Have you considered a licenses for your software?

beave avatar Apr 19 '17 13:04 beave

Great to hear you found a workaround! I would love to see what you've come up with if you'd like to share your code. I don't have a ton of time to dedicate to this project so contributions are appreciated. I released it under GPL, but this is my first large open source project I've ever had so I'm learning as I go.

MatthewClarkMay avatar Apr 19 '17 15:04 MatthewClarkMay

Just wanted to say that I would find this useful as well. We're attempting to do the same thing, if you have any hints @beave I would appreciate them.

BeanBagKing avatar Aug 30 '17 19:08 BeanBagKing

Please share the codes @beave

suhiherazeN1N avatar Aug 12 '19 11:08 suhiherazeN1N

I'm attempting to do the same thing. Could any charitable soul show us the way?

FernandoHiagon avatar Apr 21 '20 05:04 FernandoHiagon