Open DPsystems opened 3 years ago
./attack_stats.sh lookup:
======= Attack Statistics based on current log files =======
Using: /var/log/messages Key: WINDOW
From: Apr 1 03:20:14
To : Apr 28 10:16:29
-- Number of blocked attacks in log files : 107653
-- Number of unique IP addresses attacking : 12484
Average # of attacks per IP : 8
Percentage of attacks from top 50 IPs : 63.7%
Percentage of attacks from top 10 IPs : 57.0%
Percentage of attacks from top 5 IPs : 51.3%
Top 20:
Attacks: IP Address: Country:
-------------------------------
19469 91.191.209.122 EU
15363 5.188.206.236 EU
7189 91.191.209.125 EU
6862 91.191.209.124 EU
6389 91.191.209.123 EU
3171 59.7.91.13
760 77.40.17.54 RU
760 77.40.10.115 RU
759 31.184.196.15 RU
684 5.188.206.235 EU
504 77.40.17.61 RU
351 1.245.241.182 KR
350 222.119.99.159
300 222.113.1.102
300 1.11.128.154 KR
248 176.96.238.131 RU
247 77.40.61.69 RU
225 107.173.62.29 US
216 198.50.159.124 CA
216 167.114.188.12 BR
There are two scripts that come with the system that provide reports on the effectiveness of login-shield. Feel free to share any details from these reports to show how well your system is working.
Here are some current examples from mine:
./count_logins.sh:
Here is my main web server: (edit and tab over 4 spaces to make it come out properly)