Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: API port data SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
API port data
I am using the port API (https://isc.sans.edu/api/#port) call to collect data for a research paper on modeling cybersecurity attacks using stochastic differential equations. I understand most of the data returned in the XML results except the UDP and TCP fields. Are these the actual number of events that occur on the port using those two protocols? If there is a reference to the data returned in the fields that is more comprehensive than the API documentation page?

Thank you ahead o time for your help!
JJ

1 Posts
Quoting JJ:I am using the port API (https://isc.sans.edu/api/#port) call to collect data for a research paper on modeling cybersecurity attacks using stochastic differential equations. I understand most of the data returned in the XML results except the UDP and TCP fields. Are these the actual number of events that occur on the port using those two protocols? If there is a reference to the data returned in the fields that is more comprehensive than the API documentation page?

Thank you ahead o time for your help!


You could try https://isc.sans.edu/api/#porthistory or https://isc.sans.edu/api/#portdate. You may want to examine https://isc.sans.edu/api/ as all the data that is available is listed out in there.
Anonymous

-

Sign Up for Free or Log In to start participating in the conversation!