Jump to content
Sign in to follow this  

IP Filtering against SYN-Rec floods

Recommended Posts


I want to check for syn-rec floods on my server and developed a smal script i can retriev the ips which have the WAITING status but i need to count how often each ip has it i dont know how to do that i got this so far i hope somebody can help me now.

#include <string.au3>

;Local $PID = Run(@ComSpec & " /c netstat -n -p TCP", @SystemDir, @SW_HIDE, 2)
Local $PID = FileRead("ip.txt")
Local $Out, $IParray
While 1
    $Out &= StdoutRead($PID)
    If @error Then ExitLoop

$OutArray = StringSplit($PID, @CR)

For $i = 1 To $OutArray[0]
    If StringInStr($OutArray[$i], " WARTEND") Then
        If StringInStr($OutArray[$i], ":80 ") Then
       ;MsgBox(0, $i & " of " & $OutArray[0], $OutArray[$i])
        $IParray = _StringBetween($OutArray[$i], ":80", ":")
       ;MsgBox(0, $i & " of " & $OutArray[0], ">>>" & _
       ;        StringTrimLeft($IParray[0], 7) & "<<<")

Share this post

Link to post
Share on other sites

plz help me all i need is a help with how can i start to count the ips ..

i tried a bunch of stuff but it didnt work out

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  


Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.