added portScanDetection

2022-12-01 14:48:27 -06:00
parent 1ecb7b5c77
commit df06753e1a
23 changed files with 777 additions and 39 deletions
--- a/CPE449/geolocation/geoip.py
+++ b/CPE449/geolocation/geoip.py
@ -1,39 +0,0 @@
-import pygeoip
-import re as regex
-
-ipAddrList = { }
-
-ipAddrCountry = { }
-
-geoip = pygeoip.GeoIP('GeoIP.dat')
-
-loginFile = open("logins.txt")
-loginList = loginFile.readlines()
-
-ipAddrRegex = regex.compile(r'(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})')
-
-uniqueIPs = 0
-uniqueIPsByCountry = 0
-
-for login in loginList:
-    ipAddr = regex.split(ipAddrRegex, login)
-    ip = ipAddr[1]
-    # use dictionary for number of IPs in a Country
-    country = geoip.country_code_by_addr(ip)
-    if country not in ipAddrCountry.values():
-        uniqueIPsByCountry += 1
-    ipAddrCountry[ip] = country
-    if ip in ipAddrList.keys():
-        ipAddrList[ip] += 1
-    else:
-        uniqueIPs+=1
-        ipAddrList[ip] = 1
-
-print("\nIP Addresses by count:\n")
-for ipCount in ipAddrList:
-    print(ipCount,":", ipAddrList.get(ipCount))
-print("\nIP Addresses by country:\n")
-for ipCountry in ipAddrCountry:
-    print(ipCountry, ":", ipAddrCountry.get(ipCountry))
-print("\nNumber of unique IP addresses: ", uniqueIPs)
-print("\nNumber of unique IP addresses by Country: ", uniqueIPsByCountry, "\n")
--- a/CPE449/geolocation/geolocate.py
+++ b/CPE449/geolocation/geolocate.py
@ -0,0 +1,55 @@
+import pygeoip
+import re as regex
+
+ipAddrList = { }
+
+ipAddrCountryCount = { }
+ipAddrCountries = { }
+
+geoip = pygeoip.GeoIP('GeoIP.dat')
+
+loginFile = open("logins.txt")
+loginList = loginFile.readlines()
+
+ipAddrRegex = regex.compile(r'(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})')
+
+uniqueIPs = 0
+uniqueIPsByCountry = 0
+
+for login in loginList:
+    ipAddr = regex.split(ipAddrRegex, login)
+    ip = ipAddr[1]
+    if ip in ipAddrList:
+        country = geoip.country_code_by_addr(ip)
+        if country not in ipAddrCountryCount.values():
+            uniqueIPsByCountry += 1
+        ipAddrList[ip] += 1
+    else:
+        country = geoip.country_code_by_addr(ip)
+        if country not in ipAddrCountryCount.values():
+            uniqueIPsByCountry += 1
+        ipAddrCountries[ip] = country
+        uniqueIPs+=1
+        ipAddrList[ip] = 1
+
+for ip in ipAddrList.keys():
+    # use dictionary for number of IPs in a Country
+    country = geoip.country_code_by_addr(ip)
+    if country in ipAddrCountryCount:
+        ipAddrCountryCount[country] += 1
+    else:
+        ipAddrCountryCount[country] = 1
+
+print("\nIP Addresses by occurrence:\n")
+for ipCount in ipAddrList:
+    print(ipCount,":", ipAddrList.get(ipCount))
+
+print("\nIP Addresses by country:\n")
+for ipCountry in ipAddrCountries:
+    print(ipCountry, ":", ipAddrCountries.get(ipCountry))
+
+print("\nIP Address count from countries:\n")
+for ipCountry in ipAddrCountryCount:
+    print(ipCountry, ":", ipAddrCountryCount.get(ipCountry))
+
+print("\nNumber of unique IP addresses: ", uniqueIPs)