Skript kontrollib OpenSSH logist ebaõnnestunud autentimisi ning lävendi ületamisel blokeerib IP aadressi: Difference between revisions
From ICO wiki
Jump to navigationJump to search
(Created page with '<source lang="python"> #!/usr/bin/python import smtplib failures = {} kir=open("/etc/hosts.deny",'r+') fh = open("/home/risto/python/opensshsisend.py") for rida in fh.readlines()…') |
No edit summary |
||
| Line 1: | Line 1: | ||
<source lang="python"> | <source lang="python"> | ||
#!/usr/bin/python | #!/usr/bin/python | ||
#Autor: Risto Siitan | |||
#Ryhm:A22 | |||
#Skript kontrollib OpenSSH logist ebaõnnestunud autentimisi ning lävendi ületamisel blokeerib IP aadressi | |||
#smtplib on vajalik e-maili saatmiseks | |||
import smtplib | import smtplib | ||
#loome sõnastiku | |||
failures = {} | failures = {} | ||
#avame hosts.deny ning vastava logi faili | |||
kir=open("/etc/hosts.deny",'r+') | kir=open("/etc/hosts.deny",'r+') | ||
fh = open(" | fh = open("openssh.log") | ||
for rida in fh.readlines(): | for rida in fh.readlines(): | ||
# IP-aadressid | #Leiame ebaõnnestunud sisse logimiste IP-aadressid ja lisame sõnastikku: | ||
if "Failed password" in rida: | if "Failed password" in rida: | ||
r = rida.split()[12] | r = rida.split()[12] | ||
| Line 13: | Line 19: | ||
else: | else: | ||
failures[r] = 1 | failures[r] = 1 | ||
#Omistame uue nime sõnastikule ning sorteerime suuremast väiksemaks(-arv): | |||
massiiv = failures.items() | massiiv = failures.items() | ||
massiiv.sort(key = lambda (failures, arv):-arv) | massiiv.sort(key = lambda (failures, arv):-arv) | ||
for failures, arv in massiiv: | for failures, arv in massiiv: | ||
# | #Lisame lävendi(antud juhul 9): | ||
if (arv > 9): | if (arv > 9): | ||
#Kirjutame lävendist üle olevad IP aadressid hosts.deny faili: | |||
vana=kir.read() | vana=kir.read() | ||
kir.write(vana +'%s\n' % (failures)) | kir.write(vana +'%s\n' % (failures)) | ||
kir.close() | kir.close() | ||
fh.close() | fh.close() | ||
sender = ' | |||
receivers = [' | #Saadame e-mailiga teavituse: | ||
sender = 'username@mail.com' | |||
receivers = ['username@mail.com'] | |||
message = """From: From Person <from@fromdomain.com> | message = """From: From Person <from@fromdomain.com> | ||
To: To Person <to@todomain.com> | To: To Person <to@todomain.com> | ||
Subject: | Subject: Blokeeriti IP aadress | ||
/etc/hosts.deny listi lisati uus IP aadress. | /etc/hosts.deny listi lisati uus IP aadress. | ||
""" | """ | ||
Revision as of 21:24, 23 May 2011
#!/usr/bin/python
#Autor: Risto Siitan
#Ryhm:A22
#Skript kontrollib OpenSSH logist ebaõnnestunud autentimisi ning lävendi ületamisel blokeerib IP aadressi
#smtplib on vajalik e-maili saatmiseks
import smtplib
#loome sõnastiku
failures = {}
#avame hosts.deny ning vastava logi faili
kir=open("/etc/hosts.deny",'r+')
fh = open("openssh.log")
for rida in fh.readlines():
#Leiame ebaõnnestunud sisse logimiste IP-aadressid ja lisame sõnastikku:
if "Failed password" in rida:
r = rida.split()[12]
if failures.has_key(r):
failures[r] += 1
else:
failures[r] = 1
#Omistame uue nime sõnastikule ning sorteerime suuremast väiksemaks(-arv):
massiiv = failures.items()
massiiv.sort(key = lambda (failures, arv):-arv)
for failures, arv in massiiv:
#Lisame lävendi(antud juhul 9):
if (arv > 9):
#Kirjutame lävendist üle olevad IP aadressid hosts.deny faili:
vana=kir.read()
kir.write(vana +'%s\n' % (failures))
kir.close()
fh.close()
#Saadame e-mailiga teavituse:
sender = 'username@mail.com'
receivers = ['username@mail.com']
message = """From: From Person <from@fromdomain.com>
To: To Person <to@todomain.com>
Subject: Blokeeriti IP aadress
/etc/hosts.deny listi lisati uus IP aadress.
"""
try:
smtpObj = smtplib.SMTP('localhost')
smtpObj.sendmail(sender, receivers, message)
print "Email saadetud"
except smtplib.SMTPException:
print "Error: Ei saanud email-i saata"
