unixu Posted May 30, 2009 Share Posted May 30, 2009 I want to check for syn-rec floods on my server and developed a smal script i can retriev the ips which have the WAITING status but i need to count how often each ip has it i dont know how to do that i got this so far i hope somebody can help me now. #include <string.au3> ;Local $PID = Run(@ComSpec & " /c netstat -n -p TCP", @SystemDir, @SW_HIDE, 2) Local $PID = FileRead("ip.txt") Local $Out, $IParray While 1 $Out &= StdoutRead($PID) If @error Then ExitLoop WEnd $OutArray = StringSplit($PID, @CR) For $i = 1 To $OutArray[0] If StringInStr($OutArray[$i], " WARTEND") Then If StringInStr($OutArray[$i], ":80 ") Then ;MsgBox(0, $i & " of " & $OutArray[0], $OutArray[$i]) $IParray = _StringBetween($OutArray[$i], ":80", ":") ;MsgBox(0, $i & " of " & $OutArray[0], ">>>" & _ ; StringTrimLeft($IParray[0], 7) & "<<<") EndIf EndIf Next Link to comment Share on other sites More sharing options...
unixu Posted May 30, 2009 Author Share Posted May 30, 2009 plz help me all i need is a help with how can i start to count the ips .. i tried a bunch of stuff but it didnt work out Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now