Skip to content
/ badactors Public

Find all the ip adresses that have repeat offenses according to the NGINX access logs.

License

GPL-3.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

itgroupstl/badactors

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
bad_actors.sh
bad_actors.sh
 
 

Repository files navigation

Bad Actors

Find all the ip adresses that have repeat offenses according to the NGINX or Apache access logs.
The only requirement is that the log files have the ip address as the first field of every log entry.

Uses a threshold number of your choosing to match against a list of offending http response codes that increments per ip address.

Installation
(Optional) Edit the script file with your threshold and http response code parameters
Making sure it is executable. (sudo chmod +x bad_actors.sh)
Run it. (sudo ./bad_actors.sh)

About

Find all the ip adresses that have repeat offenses according to the NGINX access logs.

Topics

linux security monitoring ids intrusion-detection hids intrusion-prevention ban-hosts ips anti-bot attack-prevention loganalyzer security-tools ban-management

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages