Chapter 14: iptables Log Visualization
Below are all visualizations of iptables log data within Chapter 14:Traffic Spike: Number of packets to ports per minute
![Traffic Spike: Number of packets to ports per minute Traffic Spike: Number of packets to ports per minute](/LinuxFirewalls/ch14/fig14-1.png)
Traffic Spike: Number of SYN packets to ports per hour
![Traffic Spike: Number of SYN packets to ports per hour Traffic Spike: Number of SYN packets to ports per hour](/LinuxFirewalls/ch14/fig14-2.png)
Port Scan: Source IP addresses vs. number of unique ports
![Port Scan: Source IP addresses vs. number of unique ports Port Scan: Source IP addresses vs. number of unique ports](/LinuxFirewalls/ch14/fig14-3.png)
Port Scan: Time vs. unique ports
![Port Scan: Time vs. unique ports Port Scan: Time vs. unique ports](/LinuxFirewalls/ch14/fig14-4.png)
Port Sweep: External sources vs. number of unique local destinations
![Port Sweep: External sources vs. number of unique local destinations Port Sweep: External sources vs. number of unique local destinations](/LinuxFirewalls/ch14/fig14-5.png)
Port Sweep (3D): External source addresses vs. destination ports vs. packet counts
![Port Sweep (3D): External source addresses vs. destination ports vs. packet counts Port Sweep (3D): External source addresses vs. destination ports vs. packet counts](/LinuxFirewalls/ch14/fig14-6.png)
Port Sweep: MySQL 3306
![Port Sweep: MySQL 3306 Port Sweep: MySQL 3306](/LinuxFirewalls/ch14/fig14-7.png)
Link graph of MySQL port sweep
![Link graph of MySQL port sweep Link graph of MySQL port sweep](/LinuxFirewalls/ch14/fig14-8.png)
Slammer worm: packet counts by the hour
![Slammer worm: packet counts by the hour Slammer worm: packet counts by the hour](/LinuxFirewalls/ch14/fig14-9.png)
Slammer worm: packet counts by the minute
![Slammer worm: packet counts by the minute Slammer worm: packet counts by the minute](/LinuxFirewalls/ch14/fig14-10.png)
Nachi worm traffic by the hour
![Nachi worm traffic by the hour Nachi worm traffic by the hour](/LinuxFirewalls/ch14/fig14-11.png)
Link graph of Nachi worm 92-byte ICMP packets
![Link graph of Nachi worm 92-byte ICMP packets Link graph of Nachi worm 92-byte ICMP packets](/LinuxFirewalls/ch14/fig14-12.png)
Compromised Honeynet system: Point graph of outbound connections
![Compromised Honeynet system: Point graph of outbound connections Compromised Honeynet system: Point graph of outbound connections](/LinuxFirewalls/ch14/fig14-13.png)
Compromised Honeynet system: Link graph of outbound connections
![Compromised Honeynet system: Link graph of outbound connections Compromised Honeynet system: Link graph of outbound connections](/LinuxFirewalls/ch14/fig14-14.png)