unixu Posted May 30, 2009 Posted May 30, 2009 I want to check for syn-rec floods on my server and developed a smal script i can retriev the ips which have the WAITING status but i need to count how often each ip has it i dont know how to do that i got this so far i hope somebody can help me now. #include <string.au3> ;Local $PID = Run(@ComSpec & " /c netstat -n -p TCP", @SystemDir, @SW_HIDE, 2) Local $PID = FileRead("ip.txt") Local $Out, $IParray While 1 $Out &= StdoutRead($PID) If @error Then ExitLoop WEnd $OutArray = StringSplit($PID, @CR) For $i = 1 To $OutArray[0] If StringInStr($OutArray[$i], " WARTEND") Then If StringInStr($OutArray[$i], ":80 ") Then ;MsgBox(0, $i & " of " & $OutArray[0], $OutArray[$i]) $IParray = _StringBetween($OutArray[$i], ":80", ":") ;MsgBox(0, $i & " of " & $OutArray[0], ">>>" & _ ; StringTrimLeft($IParray[0], 7) & "<<<") EndIf EndIf Next
unixu Posted May 30, 2009 Author Posted May 30, 2009 plz help me all i need is a help with how can i start to count the ips .. i tried a bunch of stuff but it didnt work out
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now