
Submission Summary: 0 pending, 4 declined, 3 accepted (7 total, 42.86% accepted)

Security

Submission: Visualizing Honeynet Project iptables data

michaelrash writes: "The Honeynet Project so far has released several Scan of the Month challenges to the security community, and two of these challenges have included extensive iptables logfiles that contain malicious traffic directed at the Honeynet. Security visualization is becoming increasingly important to get meaningful information from mountains of data generated by intrusion detection systems and firewalls, and the new site Secviz.org is helping to bring visualization of security data to the masses. By combining psad with the graphing capabilities of the AfterGlow project, I have created a set of graphs that display some of the more interesting features of the Honeynet iptables log data. Outbound SSH and IRC connections are shown coming from a compromised host on the Honeynet, and graphs of the Slammer worm (UDP port 1434) and the Nachi worm (92-byte ICMP packets) are clearly shown. There are parsers on Secviz.org for other types of logfiles, so start graphing your data!"
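As an added example (not part of the submission, and not code from psad or AfterGlow), the sketch below picks the four traffic patterns named above out of iptables LOG lines and emits source, label, target rows suitable for a link graph. The sample lines, the honeynet range 192.0.2.0/24, the use of TCP port 6667 for IRC, and the reading of "92-byte" as the IP `LEN` field are assumptions.

```python
import ipaddress
import re

# Constructed sample lines in iptables LOG format; all addresses are documentation ranges.
SAMPLE_LOG = """\
Mar 10 04:01:11 fw kernel: IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 LEN=404 TOS=0x00 PREC=0x00 TTL=110 ID=4211 PROTO=UDP SPT=1050 DPT=1434 LEN=384
Mar 10 04:02:30 fw kernel: IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 LEN=92 TOS=0x00 PREC=0x00 TTL=115 ID=9001 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=7
Mar 10 04:03:02 fw kernel: IN=eth1 OUT=eth0 SRC=192.0.2.10 DST=198.51.100.99 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=1234 DF PROTO=TCP SPT=32800 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Mar 10 04:03:40 fw kernel: IN=eth1 OUT=eth0 SRC=192.0.2.10 DST=198.51.100.50 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=1240 DF PROTO=TCP SPT=32811 DPT=6667 WINDOW=5840 RES=0x00 SYN URGP=0
Mar 10 04:04:15 fw kernel: IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=777 DF PROTO=TCP SPT=40000 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Mar 10 04:05:00 fw sshd[311]: session opened for user root
"""

FIELD = re.compile(r"\b([A-Z]+)=(\S*)")

def parse(line):
    """Keep the FIRST value of each KEY=value field.

    UDP lines repeat LEN (IP length, then UDP length) and ICMP lines repeat ID,
    so a plain dict() over the matches would silently keep the wrong one.
    """
    fields = {}
    for key, value in FIELD.findall(line):
        fields.setdefault(key, value)
    return fields

def classify(f, net):
    """Map one parsed packet to a label named in the submission, or None."""
    proto, dport = f.get("PROTO"), f.get("DPT")
    outbound = ipaddress.ip_address(f["SRC"]) in net
    if proto == "UDP" and dport == "1434":
        return "slammer"
    if proto == "ICMP" and f.get("LEN") == "92":   # assumption: IP total length
        return "nachi"
    if proto == "TCP" and outbound and dport == "22":
        return "outbound-ssh"
    if proto == "TCP" and outbound and dport == "6667":  # assumption: IRC port
        return "outbound-irc"
    return None

def graph_rows(log_text, honeynet="192.0.2.0/24"):
    """Return (source, label, target) tuples for the lines that match a pattern."""
    net = ipaddress.ip_network(honeynet)
    rows = []
    for line in log_text.splitlines():
        f = parse(line)
        if "SRC" in f and "DST" in f and (label := classify(f, net)):
            rows.append((f["SRC"], label, f["DST"]))
    return rows

if __name__ == "__main__":
    for row in graph_rows(SAMPLE_LOG):
        print(",".join(row))
```
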
