Jump to content
Sign in to follow this  

IP Filtering against SYN-Rec floods

Recommended Posts


I want to check for syn-rec floods on my server and developed a smal script i can retriev the ips which have the WAITING status but i need to count how often each ip has it i dont know how to do that i got this so far i hope somebody can help me now.

#include <string.au3>

;Local $PID = Run(@ComSpec & " /c netstat -n -p TCP", @SystemDir, @SW_HIDE, 2)
Local $PID = FileRead("ip.txt")
Local $Out, $IParray
While 1
    $Out &= StdoutRead($PID)
    If @error Then ExitLoop

$OutArray = StringSplit($PID, @CR)

For $i = 1 To $OutArray[0]
    If StringInStr($OutArray[$i], " WARTEND") Then
        If StringInStr($OutArray[$i], ":80 ") Then
       ;MsgBox(0, $i & " of " & $OutArray[0], $OutArray[$i])
        $IParray = _StringBetween($OutArray[$i], ":80", ":")
       ;MsgBox(0, $i & " of " & $OutArray[0], ">>>" & _
       ;        StringTrimLeft($IParray[0], 7) & "<<<")

Share this post

Link to post
Share on other sites

plz help me all i need is a help with how can i start to count the ips ..

i tried a bunch of stuff but it didnt work out

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this