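def map_data():
    """Return geolocated per-IP attempt summaries as a JSON response.

    Each distinct IP in ``sshattempts`` is looked up with ``geolite2``.
    IPs with no lookup result, or with a result that has no coordinates,
    are left out of the output.

    Each record carries the IP, latitude/longitude, attempt count, first and
    last attempt timestamps (``%Y-%m-%d %H:%M:%S``), a ``radius`` (the IP's
    share of all attempts in percent, never below 5) and a ``fillKey``:
    ``'BIG'`` above 40, ``'MED'`` above 20, otherwise ``'SML'``.

    Both SQL statements are constants; nothing from the request is
    interpolated into them.
    """
    attack_sources = helpers.query("SELECT IP as ip, COUNT(ID) as attempts, MIN(DateTime) as first_attempt, MAX(DateTime) as last_attempt FROM sshattempts GROUP BY IP ORDER BY COUNT(ID) DESC;")
    total_attacks = helpers.query("SELECT count(*) FROM sshattempts;", one=True)
    attack_summaries = []
    for point in attack_sources:
        # NOTE(review): the stored IP is passed to lookup() as-is. If the
        # collector can ever record something that is not a valid address,
        # confirm how lookup() reacts so one bad row cannot fail the endpoint.
        origin = geolite2.lookup(point['ip'])
        if origin is None:
            continue
        # A lookup hit may come without coordinates. Skip it rather than
        # indexing into None and failing the whole response.
        location = origin.location
        if location is None:
            continue
        # float() keeps this a true division even where `/` on two integer
        # counts would truncate, which would pin every radius at the floor.
        radius = (float(point['attempts']) / total_attacks['count']) * 100
        fill = 'SML'
        if radius > 40:
            fill = 'BIG'
        elif radius > 20:
            fill = 'MED'
        elif radius < 5:
            # Floor the marker size so low-volume sources stay visible.
            radius = 5
        attack_summaries.append({
            'IP': point['ip'],
            'latitude': location[0],
            'longitude': location[1],
            'count': point['attempts'],
            'fillKey': fill,
            'firstAttempt': point['first_attempt'].strftime('%Y-%m-%d %H:%M:%S'),
            'lastAttempt': point['last_attempt'].strftime('%Y-%m-%d %H:%M:%S'),
            'radius': radius,
        })
    return Response(json.dumps(attack_summaries), mimetype='application/json')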
def _home():
    """Return the dashboard aggregates as a JSON response.

    The payload has four keys: ``passwords``, ``usernames`` and ``sources``
    (the ten most frequent values of each, as ``label``/``data`` rows) and
    ``history`` (attempt counts per hour over the last day, newest first,
    with the hour given in epoch milliseconds).

    All statements are constant strings with no interpolated input.
    """
    # NOTE(review): the labels are usernames/passwords recorded from login
    # attempts; consumers of this JSON should insert them as text, not markup.
    chart_queries = (
        ('passwords', "SELECT password as label, COUNT(ID) as data FROM sshattempts GROUP BY password ORDER BY COUNT(ID) DESC LIMIT 10;"),
        ('usernames', "SELECT username as label, COUNT(ID) as data FROM sshattempts GROUP BY username ORDER BY COUNT(ID) DESC LIMIT 10;"),
        ('sources', "SELECT IP as label, COUNT(ID) as data FROM sshattempts GROUP BY IP ORDER BY COUNT(ID) DESC LIMIT 10;"),
        ('history', "SELECT date_part('epoch', date_trunc('hours', datetime)) * 1000 as t, Count(ID) FROM sshattempts WHERE datetime > (NOW() - '1 days'::INTERVAL) GROUP BY t ORDER BY t DESC;"),
    )
    payload = {}
    for section, sql in chart_queries:
        payload[section] = helpers.query(sql)
    return Response(json.dumps(payload), mimetype='application/json')
def _home():
    """Return the dashboard aggregates as a JSON response.

    The payload has four keys: ``passwords``, ``usernames`` and ``sources``
    (the ten most frequent values of each, as ``label``/``data`` rows) and
    ``history`` (attempt counts per hour over the last day, newest first,
    with the hour given in epoch milliseconds).

    All statements are constant strings with no interpolated input.
    """
    # NOTE(review): the labels are usernames/passwords recorded from login
    # attempts; consumers of this JSON should insert them as text, not markup.
    chart_queries = (
        ('passwords', "SELECT password as label, COUNT(ID) as data FROM sshattempts GROUP BY password ORDER BY COUNT(ID) DESC LIMIT 10;"),
        ('usernames', "SELECT username as label, COUNT(ID) as data FROM sshattempts GROUP BY username ORDER BY COUNT(ID) DESC LIMIT 10;"),
        ('sources', "SELECT IP as label, COUNT(ID) as data FROM sshattempts GROUP BY IP ORDER BY COUNT(ID) DESC LIMIT 10;"),
        ('history', "SELECT date_part('epoch', date_trunc('hours', datetime)) * 1000 as t, Count(ID) FROM sshattempts WHERE datetime > (NOW() - '1 days'::INTERVAL) GROUP BY t ORDER BY t DESC;"),
    )
    payload = {}
    for section, sql in chart_queries:
        payload[section] = helpers.query(sql)
    return Response(json.dumps(payload), mimetype='application/json')
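def map_data():
    """Return geolocated per-IP attempt summaries as a JSON response.

    Each distinct IP in ``sshattempts`` is looked up with ``geolite2``.
    IPs with no lookup result, or with a result that has no coordinates,
    are left out of the output.

    Each record carries the IP, latitude/longitude, attempt count, first and
    last attempt timestamps (``%Y-%m-%d %H:%M:%S``), a ``radius`` (the IP's
    share of all attempts in percent, never below 5) and a ``fillKey``:
    ``'BIG'`` above 40, ``'MED'`` above 20, otherwise ``'SML'``.

    Both SQL statements are constants; nothing from the request is
    interpolated into them.
    """
    attack_sources = helpers.query("SELECT IP as ip, COUNT(ID) as attempts, MIN(DateTime) as first_attempt, MAX(DateTime) as last_attempt FROM sshattempts GROUP BY IP ORDER BY COUNT(ID) DESC;")
    total_attacks = helpers.query("SELECT count(*) FROM sshattempts;", one=True)
    attack_summaries = []
    for point in attack_sources:
        # NOTE(review): the stored IP is passed to lookup() as-is. If the
        # collector can ever record something that is not a valid address,
        # confirm how lookup() reacts so one bad row cannot fail the endpoint.
        origin = geolite2.lookup(point['ip'])
        if origin is None:
            continue
        # A lookup hit may come without coordinates. Skip it rather than
        # indexing into None and failing the whole response.
        location = origin.location
        if location is None:
            continue
        # float() keeps this a true division even where `/` on two integer
        # counts would truncate, which would pin every radius at the floor.
        radius = (float(point['attempts']) / total_attacks['count']) * 100
        fill = 'SML'
        if radius > 40:
            fill = 'BIG'
        elif radius > 20:
            fill = 'MED'
        elif radius < 5:
            # Floor the marker size so low-volume sources stay visible.
            radius = 5
        attack_summaries.append({
            'IP': point['ip'],
            'latitude': location[0],
            'longitude': location[1],
            'count': point['attempts'],
            'fillKey': fill,
            'firstAttempt': point['first_attempt'].strftime('%Y-%m-%d %H:%M:%S'),
            'lastAttempt': point['last_attempt'].strftime('%Y-%m-%d %H:%M:%S'),
            'radius': radius,
        })
    return Response(json.dumps(attack_summaries), mimetype='application/json')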
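def home():
    """Render ``index.html`` with the 50 newest attempts and headline stats.

    The template receives ``page_data`` (latest 50 rows: DateTime, IP,
    username, password), ``count`` (total rows), and ``topUser`` /
    ``topPassword`` (the most frequent username/password pair, or ``None``
    for both when there is no such row yet).
    """
    # NOTE(review): username and password are recorded from login attempts,
    # so index.html must treat them as untrusted text. Keep template
    # autoescaping on and do not mark these fields `|safe`.
    # NOTE(review): recorded passwords can include real credentials typed
    # against the wrong host; confirm this page is not served
    # unauthenticated to the internet.
    lastFifty = helpers.query("SELECT DateTime, IP, username, password FROM sshattempts ORDER BY DateTime DESC LIMIT 50;")
    topCount = getCount()
    topCombo = getTopCombo()
    # With no attempts recorded there is no top row to index (presumably the
    # helper yields None then; verify against helpers.query). Fall back to
    # None so the page renders instead of raising on a fresh database.
    if topCombo:
        top_user = topCombo['username']
        top_password = topCombo['password']
    else:
        top_user = top_password = None
    return render_template(
        'index.html',
        title='Home Page',
        year=datetime.now().year,
        page_data=lastFifty,
        count=topCount,
        topUser=top_user,
        topPassword=top_password,
    )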
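def home():
    """Render ``index.html`` with the 50 newest attempts and headline stats.

    The template receives ``page_data`` (latest 50 rows: DateTime, IP,
    username, password), ``count`` (total rows), and ``topUser`` /
    ``topPassword`` (the most frequent username/password pair, or ``None``
    for both when there is no such row yet).
    """
    # NOTE(review): username and password are recorded from login attempts,
    # so index.html must treat them as untrusted text. Keep template
    # autoescaping on and do not mark these fields `|safe`.
    # NOTE(review): recorded passwords can include real credentials typed
    # against the wrong host; confirm this page is not served
    # unauthenticated to the internet.
    lastFifty = helpers.query("SELECT DateTime, IP, username, password FROM sshattempts ORDER BY DateTime DESC LIMIT 50;")
    topCount = getCount()
    topCombo = getTopCombo()
    # With no attempts recorded there is no top row to index (presumably the
    # helper yields None then; verify against helpers.query). Fall back to
    # None so the page renders instead of raising on a fresh database.
    if topCombo:
        top_user = topCombo['username']
        top_password = topCombo['password']
    else:
        top_user = top_password = None
    return render_template(
        'index.html',
        title='Home Page',
        year=datetime.now().year,
        page_data=lastFifty,
        count=topCount,
        topUser=top_user,
        topPassword=top_password,
    )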
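def getTopCombo():
    """Return the most frequently attempted username/password pair.

    The result is whatever ``helpers.query(..., one=True)`` returns for the
    first row of the grouped, count-descending query. Callers index it with
    ``'username'`` and ``'password'``.
    """
    # LIMIT 1: only the first row is used, so do not make the database return
    # every distinct pair. The table grows with each recorded attempt, so the
    # unbounded result set is sized by whoever is sending login attempts.
    # NOTE(review): ties for first place come back in unspecified order, as
    # they did before this change.
    return helpers.query(
        "SELECT username, password FROM sshattempts GROUP BY username, password ORDER BY count(ID) DESC LIMIT 1;",
        one=True,
    )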
def getCount():
    """Return the total number of rows in ``sshattempts``."""
    # Single-row query; the count is read from the row's 'count' column.
    return helpers.query("SELECT count(*) FROM sshattempts;", one=True)['count']
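def getTopCombo():
    """Return the most frequently attempted username/password pair.

    The result is whatever ``helpers.query(..., one=True)`` returns for the
    first row of the grouped, count-descending query. Callers index it with
    ``'username'`` and ``'password'``.
    """
    # LIMIT 1: only the first row is used, so do not make the database return
    # every distinct pair. The table grows with each recorded attempt, so the
    # unbounded result set is sized by whoever is sending login attempts.
    # NOTE(review): ties for first place come back in unspecified order, as
    # they did before this change.
    return helpers.query(
        "SELECT username, password FROM sshattempts GROUP BY username, password ORDER BY count(ID) DESC LIMIT 1;",
        one=True,
    )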
def getCount():
    """Return the total number of rows in ``sshattempts``."""
    # Single-row query; the count is read from the row's 'count' column.
    return helpers.query("SELECT count(*) FROM sshattempts;", one=True)['count']