Created
March 1, 2012 03:19
-
-
Save mutaku/1946987 to your computer and use it in GitHub Desktop.
BASH sorting of brute force attempts
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # finding authentication errors in all message log files | |
| grep -r "authentication error" messages* | awk '{split($0,a," "); print a[NF],a[NF-2]}' > attempts | |
| # username | |
| cut -d ' ' -f2 attempts | sort -k 2,2 | uniq -c | sort -nr > attempts_username | |
| # IP | |
| cut -d ' ' -f1 attempts | sort | uniq -c | sort -nr > attempts_ip |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
GEOIP - location for an IP example
curl -s "http://www.geody.com/geoip.php?ip=222.186.9.52" | sed '/^IP:/!d;s/<[^>][^>]*>//g' | awk '{split($0,a,":"); print a[2]}'