Help regarding information available at Storm Centre
24 views
Skip to first unread message
saini
Feb 24, 2012, 4:16:24 AM2/24/12
to SANS Internet Storm Center / DShield
I am a PhD student working in the Information systems management
department at Indian Institute of Management, Lucknow, India.
My research is aimed at predicting the risks of cyber attacks. I found
some data available at Storm Centre which I could work with.
However, I have a few queries.
1. Please let me know the meaning of the “Reports” column available at
http://isc.sans.edu/country.html. Does it mean attacks reported from
the particular source nation?
2. Also is it possible to have data of the top 100 ports by reports,
targets and sources for more than one day. Currently we can see the
data only for the present day at http://isc.sans.edu/reports.html.
It would be really helpful if you could provide some solution to my
queries.
department at Indian Institute of Management, Lucknow, India.
My research is aimed at predicting the risks of cyber attacks. I found
some data available at Storm Centre which I could work with.
However, I have a few queries.
1. Please let me know the meaning of the “Reports” column available at
http://isc.sans.edu/country.html. Does it mean attacks reported from
the particular source nation?
2. Also is it possible to have data of the top 100 ports by reports,
targets and sources for more than one day. Currently we can see the
data only for the present day at http://isc.sans.edu/reports.html.
It would be really helpful if you could provide some solution to my
queries.
Adam Swanger
Feb 24, 2012, 9:02:17 AM2/24/12
to SANS Internet Storm Center / DShield
Thanks for your interest in ISC data.
1. Please let me know the meaning of the "Reports" column available at
http://isc.sans.edu/country.html. Does it mean attacks reported from
the
particular nation?
- Reports is the summed number of reports, grouped by geoip location,
received by those submitting data to the www.dshield.org project.
2. Also is it possible to have data of the top 100 ports by reports,
targets and sources for more than one day. Currently we can see the
data
only for the present data at http://isc.sans.edu/reports.html.
- Our API would be the easiest way and offers a variety of parameters
and output formats to pull data. You can find port info at
https://isc.sans.edu/api/#topports Feel free to skim all the options
at https://isc.sans.edu/api/
On Feb 24, 4:16 am, saini <saini....@gmail.com> wrote:
> I am a PhD student working in the Information systems management
> department at Indian Institute of Management, Lucknow, India.
> My research is aimed at predicting the risks of cyber attacks. I found
> some data available at Storm Centre which I could work with.
> However, I have a few queries.
>
> 1. Please let me know the meaning of the “Reports” column available athttp://isc.sans.edu/country.html. Does it mean attacks reported from
1. Please let me know the meaning of the "Reports" column available at
http://isc.sans.edu/country.html. Does it mean attacks reported from
the
- Reports is the summed number of reports, grouped by geoip location,
received by those submitting data to the www.dshield.org project.
2. Also is it possible to have data of the top 100 ports by reports,
targets and sources for more than one day. Currently we can see the
data
- Our API would be the easiest way and offers a variety of parameters
and output formats to pull data. You can find port info at
https://isc.sans.edu/api/#topports Feel free to skim all the options
at https://isc.sans.edu/api/
On Feb 24, 4:16 am, saini <saini....@gmail.com> wrote:
> I am a PhD student working in the Information systems management
> department at Indian Institute of Management, Lucknow, India.
> My research is aimed at predicting the risks of cyber attacks. I found
> some data available at Storm Centre which I could work with.
> However, I have a few queries.
>
> the particular source nation?
>
> 2. Also is it possible to have data of the top 100 ports by reports,
> targets and sources for more than one day. Currently we can see the
> data only for the present day athttp://isc.sans.edu/reports.html.
>
> 2. Also is it possible to have data of the top 100 ports by reports,
> targets and sources for more than one day. Currently we can see the
Reply all
Reply to author
Forward
0 new messages