194k views
1 vote
Statement: There are two files. One file, "badIP_list.txt" has a listing of known bad IP addresses. These addresses were extracted from Talos Threat Hunting listings for 26 Jul 2018. The second file, "server_logs.txt", is a listing of IP addresses pulled off of your firewall logs, representing computers which have attempted entry into your network through network services, such as http, ssh and ftp. You will find which bad actors have attempted to enter your network for the purpose of tuning your firewalls and IDS's.

Challenge: Write a program which reads in both files and checks the IP addresses from your server logs against the known bad IP's. If there is a match, write the bad IP address to a file titled "filter_list.txt". List unique IP's, do not list duplicates. Also, at the end of the "filter_list.txt" there should be a total of "Known bad IP's detected", and the percentage of IP addresses from your logs which are bad. (Divide the number of bad IP's by the number of total IP's)

User Rado
by
4.3k points

1 Answer

1 vote

Answer:

See explanation

Step-by-step explanation:

SOURCE CODE IN PYTHON:

```python
inp=open('badIP_list.txt', 'r') #opening file for input
badIPs=[i.rstrip('\n') for i in inp.readlines()] #reading bad IPs
inp.close() #closing file

inp=open('server_logs.txt', 'r') #opening file for input
IPs=[i.rstrip('\n') for i in inp.readlines()] #reading all IPs from log
inp.close() #closing file

uniqueBadIPs=[] #to store unique bad IPs
countBadIPs=0 #to store count of bad IPs
countIPs=0 #to store count of all IPs

for IP in IPs: #iterating through the log of IPs
    if IP in badIPs: #checking if IP is bad
        countBadIPs+=1
        if IP not in uniqueBadIPs: #checking if bad IP is unique
            uniqueBadIPs.append(IP)
    countIPs+=1

#percentage of log entries that are bad (0 if the log is empty, to avoid dividing by zero)
percentBad=countBadIPs*100/countIPs if countIPs else 0

out=open('filter_list.txt', 'w') #opening file for output
out.write('_________________________________________________________\n')
out.write('Date : 26/07/2018\nName : Last, First\nMajor: CS\n\n')
out.write('Server logs contained these known bad IP addresses:\n')
for IP in uniqueBadIPs: #output the unique bad IPs
    out.write(IP+'\n')
out.write('\n')
out.write('Total unique known bad IP\'s detected:\n'+str(len(uniqueBadIPs))+'\n\n')
out.write('Percentage of bad IP addresses in server logs:\n{:.2f}%\n'.format(percentBad))
out.write('_________________________________________________________')
out.close() #closing file
```

User Pillingworth
by
4.3k points
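The answer above compares IP addresses as raw strings. As an added example (not part of the original answer), the same check can be done with Python's `ipaddress` module, going beyond the challenge by also accepting CIDR ranges in the blocklist and skipping blank or malformed lines. The function names and the sample data (documentation address ranges) are constructed for illustration.

```python
import ipaddress

# Constructed sample data (documentation address ranges), not the challenge files.
BAD_LIST = ["203.0.113.7\n", "198.51.100.0/24  # CIDR entry\n", "not-an-ip\n"]
SERVER_LOG = ["203.0.113.7\n", "198.51.100.23\n", "192.0.2.10\n", "203.0.113.7 \n",
              "\n", "198.51.100.200\n", "192.0.2.11\n", "garbage\n"]

def load_bad_networks(lines):
    """Parse blocklist lines (single IPs or CIDR ranges) into network objects."""
    nets = []
    for line in lines:
        entry = line.split("#", 1)[0].strip()  # drop trailing comments and whitespace
        if not entry:
            continue
        try:
            nets.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            pass  # skip malformed blocklist entries
    return nets

def match_logs(log_lines, bad_nets):
    """Return (unique bad IPs in first-seen order, bad hits, valid log entries)."""
    seen, unique_bad, bad_hits, total = set(), [], 0, 0
    for line in log_lines:
        try:
            ip = ipaddress.ip_address(line.strip())
        except ValueError:
            continue  # blank or malformed lines do not count toward the total
        total += 1
        if any(ip in net for net in bad_nets):
            bad_hits += 1
            if ip not in seen:
                seen.add(ip)
                unique_bad.append(str(ip))
    return unique_bad, bad_hits, total

def build_report(unique_bad, bad_hits, total):
    """Format the filter_list.txt body; the percentage is 0 for an empty log."""
    pct = bad_hits * 100 / total if total else 0.0
    lines = list(unique_bad)
    lines.append("Known bad IP's detected: {}".format(len(unique_bad)))
    lines.append("Percentage of bad IP addresses in server logs: {:.2f}%".format(pct))
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    print(build_report(*match_logs(SERVER_LOG, load_bad_networks(BAD_LIST))), end="")
```

To use it on the challenge files, pass the open file objects for "badIP_list.txt" and "server_logs.txt" in place of the sample lists and write the returned text to "filter_list.txt".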