################################ Ver 0.2 ################################ # ================== NULL.ida扫描者IP排序脚本 ===================== # #!/bin/sh ### null.ida_stat.sh, Ver. 0.2 2004/05/18 13:41:32 Kreny LOG_FILE1='/usr/local/apache2/logs/www.domain1.com-access_log' LOG_FILE2='/usr/local/apache2/logs/www.domain2.com-access_log' # You can add more log files here. #LOG_FILE3='/usr/local/apache2/logs/www.domain3.com-access_log' #LOG_FILE4='/usr/local/apache2/logs/www.domain4.com-access_log' #LOG_FILE5='/usr/local/apache2/logs/www.domain5.com-access_log' FINAL_FILE='/home/user/public_html/log/ida.txt' DATE=`date` # Rank the IP addresses of NULL.IDA scanner # # Add your LOG_FILEs after the $LOG_FILE2 less $LOG_FILE1 $LOG_FILE2 | grep NULL.IDA | awk '{print $1}'| sort | uniq -c | sort -rn > $FINAL_FILE echo "" >> $FINAL_FILE echo "Last update:".$DATE >> $FINAL_FILE # ================== 仅列出IP地址 (感谢 随风漂 指导) ================== # #!/bin/sh ####### null.ida_stat.sh, Ver. 0.2 2004/05/18 13:41:32 Kreny ####### ####### Only List the Scanner's IPs ####### LOG_FILE1='/usr/local/apache2/logs/www.domain1.com-access_log' LOG_FILE2='/usr/local/apache2/logs/www.domain2.com-access_log' # You can add more log files here. #LOG_FILE3='/usr/local/apache2/logs/www.domain3.com-access_log' #LOG_FILE4='/usr/local/apache2/logs/www.domain4.com-access_log' #LOG_FILE5='/usr/local/apache2/logs/www.domain5.com-access_log' FINAL_FILE='/home/user/public_html/log/ida_ip.txt' DATE=`date` awk '/NULL.IDA/{print $1}' $LOG_FILE1 $LOG_FILE2 | sort -u > $FINAL_FILE echo "" >> $FINAL_FILE echo "Last update:".$DATE >> $FINAL_FILE ################################ Ver 0.1 ################################ #!/bin/sh ### null.ida_stat.sh, Ver. 0.1 2004/05/15 14:33:28 Kreny LOG_FILE1='/usr/local/apache2/logs/www.domain1.com-access_log' LOG_FILE2='/usr/local/apache2/logs/www.domain2.com-access_log' ### You can add more log files here. #LOG_FILE3='/usr/local/apache2/logs/www.domain3.com-access_log' #LOG_FILE4='/usr/local/apache2/logs/www.domain4.com-access_log' #LOG_FILE5='/usr/local/apache2/logs/www.domain5.com-access_log' TMP_FILE='/home/user/public_html/log/ida.tmp' FINAL_FILE='/home/user/public_html/log/ida.txt' DATE=`date` ### Get the IP addresses of NULL.IDA scanner less $LOG_FILE1 | grep NULL.IDA | awk '{print $1}' > $TMP_FILE less $LOG_FILE2 | grep NULL.IDA | awk '{print $1}' >> $TMP_FILE #less $LOG_FILE3 | grep NULL.IDA | awk '{print $1}' >> $TMP_FILE #less $LOG_FILE4 | grep NULL.IDA | awk '{print $1}' >> $TMP_FILE #less $LOG_FILE5 | grep NULL.IDA | awk '{print $1}' >> $TMP_FILE sort $TMP_FILE | uniq -c | sort -rn > $FINAL_FILE echo "" >> $FINAL_FILE echo "Last update:".$DATE >> $FINAL_FILE