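def map_data():
    """Return per-source-IP attack summaries as a JSON response.

    Every row of ``sshattempts`` is grouped by source IP. For each IP that the
    GeoIP database resolves, the entry carries the IP, its coordinates, the
    attempt count, the first/last attempt timestamps, and a ``radius`` /
    ``fillKey`` pair derived from that IP's percentage share of all attempts.
    IPs without a GeoIP match or without coordinates are left out.

    NOTE(review): the grouping query has no LIMIT, so the response size and the
    number of GeoIP lookups grow with every distinct source IP recorded; whoever
    generates login attempts controls that growth. Consider a cap if this
    endpoint is reachable without authentication.
    """
    attack_sources = helpers.query("SELECT IP as ip, COUNT(ID) as attempts, MIN(DateTime) as first_attempt, MAX(DateTime) as last_attempt FROM sshattempts GROUP BY IP ORDER BY COUNT(ID) DESC;")
    total_attacks = helpers.query("SELECT count(*) FROM sshattempts;", one=True)
    # Float denominator: with two integers, Python 2's "/" floors every share
    # to 0, which would pin every bubble to the minimum radius.
    total = float(total_attacks['count'])
    attack_summaries = []

    for point in attack_sources:
        origin = geolite2.lookup(point['ip'])
        if origin is None:
            # No GeoIP record for this address (e.g. private ranges).
            continue

        coords = origin.location
        if not coords:
            # NOTE(review): presumably a record can match without carrying
            # coordinates; skip it rather than fail the whole response.
            continue

        radius = (point['attempts'] / total) * 100
        fill = 'SML'

        if radius > 40:
            fill = 'BIG'
        elif radius > 20:
            fill = 'MED'
        elif radius < 5:
            # Keep very small sources visible on the map.
            radius = 5

        attack_summaries.append({
            'IP': point['ip'],
            'latitude': coords[0],
            'longitude': coords[1],
            'count': point['attempts'],
            'fillKey': fill,
            'firstAttempt': point['first_attempt'].strftime('%Y-%m-%d %H:%M:%S'),
            'lastAttempt': point['last_attempt'].strftime('%Y-%m-%d %H:%M:%S'),
            'radius': radius
        })
    return Response(json.dumps(attack_summaries), mimetype='application/json')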
def _home():
    """Return the dashboard chart data as one JSON response.

    The payload has four keys: the ten most frequent passwords, usernames and
    source IPs (each as ``label``/``data`` rows) and an hourly attempt
    histogram for the last day.

    NOTE(review): ``label`` values for passwords and usernames come straight
    from the ``sshattempts`` table, i.e. presumably from whatever remote
    clients typed. The consumer of this JSON should insert them as text, never
    as markup.
    """
    # All statements are fixed strings; no request data is interpolated.
    chart_queries = (
        ('passwords', "SELECT password as label, COUNT(ID) as data FROM sshattempts GROUP BY password ORDER BY COUNT(ID) DESC LIMIT 10;"),
        ('usernames', "SELECT username as label, COUNT(ID) as data FROM sshattempts GROUP BY username ORDER BY COUNT(ID) DESC LIMIT 10;"),
        ('sources', "SELECT IP as label, COUNT(ID) as data FROM sshattempts GROUP BY IP ORDER BY COUNT(ID) DESC LIMIT 10;"),
        ('history', "SELECT date_part('epoch', date_trunc('hours', datetime)) * 1000 as t, Count(ID) FROM sshattempts WHERE datetime > (NOW() - '1 days'::INTERVAL) GROUP BY t ORDER BY t DESC;"),
    )

    allData = {}
    for key, sql in chart_queries:
        allData[key] = helpers.query(sql)

    payload = json.dumps(allData)
    return Response(payload, mimetype='application/json')
def _home():
    """Build the JSON payload behind the dashboard charts.

    Runs four fixed aggregate queries against ``sshattempts`` (top ten
    passwords, usernames and source IPs, plus hourly counts for the last day)
    and returns them under the keys ``passwords``, ``usernames``, ``sources``
    and ``history``.

    NOTE(review): the password and username labels are presumably values
    supplied by remote clients during login attempts; render them as plain
    text on the client side.
    """
    top_passwords_sql = "SELECT password as label, COUNT(ID) as data FROM sshattempts GROUP BY password ORDER BY COUNT(ID) DESC LIMIT 10;"
    top_usernames_sql = "SELECT username as label, COUNT(ID) as data FROM sshattempts GROUP BY username ORDER BY COUNT(ID) DESC LIMIT 10;"
    top_sources_sql = "SELECT IP as label, COUNT(ID) as data FROM sshattempts GROUP BY IP ORDER BY COUNT(ID) DESC LIMIT 10;"
    hourly_history_sql = "SELECT date_part('epoch', date_trunc('hours', datetime)) * 1000 as t, Count(ID) FROM sshattempts WHERE datetime > (NOW() - '1 days'::INTERVAL) GROUP BY t ORDER BY t DESC;"

    # Literal entries are evaluated top to bottom, so the queries run in the
    # same order as the keys are listed.
    allData = {
        'passwords': helpers.query(top_passwords_sql),
        'usernames': helpers.query(top_usernames_sql),
        'sources': helpers.query(top_sources_sql),
        'history': helpers.query(hourly_history_sql),
    }
    return Response(json.dumps(allData), mimetype='application/json')
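def map_data():
    """Return geolocated attack sources as a JSON response for the map.

    Groups ``sshattempts`` by source IP and, for each IP the GeoIP database
    can place, emits its coordinates, attempt count, first/last attempt
    timestamps and a bubble size. The size is the IP's percentage share of all
    attempts, bucketed into ``BIG`` (> 40), ``MED`` (> 20) or ``SML``, with a
    floor of 5 so that small sources stay visible.

    NOTE(review): the source query is unbounded, so the work done here (one
    GeoIP lookup per distinct IP) and the response size scale with the number
    of distinct addresses recorded. Consider limiting it if the endpoint is
    publicly reachable.
    """
    attack_sources = helpers.query(
        "SELECT IP as ip, COUNT(ID) as attempts, MIN(DateTime) as first_attempt, MAX(DateTime) as last_attempt FROM sshattempts GROUP BY IP ORDER BY COUNT(ID) DESC;"
    )
    total_attacks = helpers.query("SELECT count(*) FROM sshattempts;",
                                  one=True)
    # Convert once to float so the share below is a true division even where
    # "/" on two integers floors (Python 2).
    overall = float(total_attacks['count'])
    stamp_format = '%Y-%m-%d %H:%M:%S'
    attack_summaries = []

    for point in attack_sources:
        origin = geolite2.lookup(point['ip'])
        # Skip addresses with no GeoIP match. NOTE(review): a match
        # presumably may also lack coordinates; those are skipped too so
        # one such record cannot break the whole map.
        location = origin.location if origin is not None else None
        if not location:
            continue

        radius = (point['attempts'] / overall) * 100
        fill = 'SML'

        if radius > 40:
            fill = 'BIG'
        elif radius > 20:
            fill = 'MED'
        elif radius < 5:
            radius = 5

        attack_summaries.append({
            'IP': point['ip'],
            'latitude': location[0],
            'longitude': location[1],
            'count': point['attempts'],
            'fillKey': fill,
            'firstAttempt': point['first_attempt'].strftime(stamp_format),
            'lastAttempt': point['last_attempt'].strftime(stamp_format),
            'radius': radius,
        })
    return Response(json.dumps(attack_summaries), mimetype='application/json')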
def home():
    """Render the home page with the latest attempts and headline figures.

    Passes to ``index.html`` the fifty most recent rows of ``sshattempts``,
    the total attempt count, and the most common username/password pair.

    NOTE(review): usernames and passwords in these rows are presumably values
    typed by remote clients. Flask autoescapes ``.html`` templates by default;
    confirm ``index.html`` does not disable that (``|safe``, ``autoescape
    false``) for any of these fields.
    """
    recent_sql = "SELECT DateTime, IP, username, password FROM sshattempts ORDER BY DateTime DESC LIMIT 50;"
    lastFifty = helpers.query(recent_sql)

    topCount = getCount()
    # NOTE(review): if the table is empty this may be None, in which case the
    # key lookups below would raise; confirm helpers.query's one=True contract.
    topCombo = getTopCombo()

    context = {
        'title': 'Home Page',
        'year': datetime.now().year,
        'page_data': lastFifty,
        'count': topCount,
        'topUser': topCombo['username'],
        'topPassword': topCombo['password'],
    }
    return render_template('index.html', **context)
def home():
    """Serve the landing page: recent attempts, total count and top credentials.

    The template receives the last fifty ``sshattempts`` rows as
    ``page_data``, the overall count as ``count`` and the most frequent
    username/password pair as ``topUser`` / ``topPassword``.

    NOTE(review): the credential fields are presumably client-supplied input
    captured from login attempts, so the page depends on the template engine's
    HTML autoescaping; verify ``index.html`` leaves it enabled for them.
    """
    lastFifty = helpers.query(
        "SELECT DateTime, IP, username, password FROM sshattempts ORDER BY DateTime DESC LIMIT 50;"
    )
    topCount = getCount()
    topCombo = getTopCombo()

    # NOTE(review): topCombo is indexed without a None check; confirm what
    # getTopCombo() yields when no attempts have been recorded yet.
    current_year = datetime.now().year
    top_user = topCombo['username']
    top_password = topCombo['password']

    return render_template(
        'index.html',
        title='Home Page',
        year=current_year,
        page_data=lastFifty,
        count=topCount,
        topUser=top_user,
        topPassword=top_password,
    )
def getTopCombo():
    """Return the username/password pair seen most often in ``sshattempts``.

    The statement orders every distinct pair by frequency; ``one=True`` is
    passed to the helper, which presumably hands back only the first row
    (confirm, including what it returns for an empty table).
    """
    ranked_pairs_sql = "SELECT username, password FROM sshattempts GROUP BY username, password ORDER BY count(ID) DESC;"
    return helpers.query(ranked_pairs_sql, one=True)
def getCount():
    """Return the total number of rows in ``sshattempts``."""
    count_sql = "SELECT count(*) FROM sshattempts;"
    # The row is read by its 'count' key, the name the database gives the
    # unaliased count(*) column.
    return helpers.query(count_sql, one=True)['count']
def getTopCombo():
    """Fetch the most frequently attempted username/password combination.

    Runs a fixed GROUP BY query over ``sshattempts`` sorted by frequency and
    asks the helper for a single row via ``one=True``.
    NOTE(review): the return value for an empty table is not visible here;
    callers index the result directly.
    """
    return helpers.query(
        "SELECT username, password FROM sshattempts GROUP BY username, password ORDER BY count(ID) DESC;",
        one=True,
    )
def getCount():
    """Return how many login attempts are stored in ``sshattempts``."""
    row = helpers.query("SELECT count(*) FROM sshattempts;", one=True)
    total = row['count']
    return total