Skip to content

Basic network security monitoring tool that focuses on defensive capabilities

License

Notifications You must be signed in to change notification settings

dewitt4/network-security-monitor

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Network Security Monitor

A Python-based network security monitoring tool for detecting and logging suspicious network activity patterns.

Features

  • Real-time connection monitoring
  • Detection of high-frequency connection attempts
  • Unusual port access monitoring
  • Suspicious pattern tracking
  • Automated security reporting
  • Detailed event logging

Installation

git clone https://github.com/dewitt4/network-security-monitor
cd network-security-monitor
pip install -r requirements.txt

Required dependencies:

  • Python 3.8+
  • pandas
  • socket
  • logging

Usage

Basic implementation:

from network_security_monitor import NetworkSecurityMonitor

# Initialize the monitor
monitor = NetworkSecurityMonitor()

# Monitor a connection
monitor.monitor_connection(
    source_ip="192.168.1.100",
    dest_port=80,
    timestamp=datetime.datetime.now()
)

# Generate security report
report = monitor.generate_report()
print(report)

# Get suspicious activity summary
summary = monitor.get_suspicious_activity_summary()
print(summary)

Configuration

The monitor tracks several types of suspicious patterns:

  • Repeated authentication failures
  • Connections to unusual ports (non-standard ports)
  • High-frequency connection attempts (>5 requests/second)

Logs are stored in security_monitor.log with the following format:

YYYY-MM-DD HH:MM:SS - LEVEL - MESSAGE

Security Considerations

  • This tool is for defensive monitoring only
  • Ensure proper access controls for log files
  • Regularly review and backup security reports
  • Configure firewall rules to allow monitoring traffic
  • Implement secure storage for IP addresses

Contributing

  1. Fork the repository
  2. Create a feature branch
  3. Implement changes with tests
  4. Submit a pull request

Contributing Guidelines.

License

MIT License - See LICENSE file for details.

Support

For bugs and features, open an issue on the GitHub repository.

Disclaimer

This tool is for legitimate security monitoring only. Users are responsible for complying with applicable laws and regulations regarding network monitoring.

About

Basic network security monitoring tool that focuses on defensive capabilities

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages