Nov 27 04:08:34 vm73 sshd[14302]: Address 173.254.240.68 maps to 173.
+254.240.68.static.quadranet.com, but this does not map back to the ad
+dress - POSSIBLE BREAK-IN ATTEMPT!
Nov 27 04:08:37 vm73 sshd[14304]: Address 173.254.240.68 maps to 173.2
+54.240.68.static.quadranet.com, but this does not map back to the add
+ress - POSSIBLE BREAK-IN ATTEMPT!
Nov 27 04:08:40 vm73 sshd[14306]: Address 173.254.240.68 maps to 173.2
+54.240.68.static.quadranet.com, but this does not map back to the add
+ress - POSSIBLE BREAK-IN ATTEMPT!
Nov 27 04:08:42 vm73 sshd[14308]: Address 173.254.240.68 maps to 173.2
+54.240.68.static.quadranet.com, but this does not map back to the add
+ress - POSSIBLE BREAK-IN ATTEMPT!
Nov 27 04:08:45 vm73 sshd[14310]: Address 173.254.240.68 maps to 173.2
+54.240.68.static.quadranet.com, but this does not map back to the add
+ress - POSSIBLE BREAK-IN ATTEMPT!
Nov 27 04:08:48 vm73 sshd[14312]: Address 173.254.240.68 maps to 173.2
+54.240.68.static.quadranet.com, but this does not map back to the add
+ress - POSSIBLE BREAK-IN ATTEMPT!
Nov 27 04:08:51 vm73 sshd[14314]: Address 173.254.240.68 maps to 173.2
+54.240.68.static.quadranet.com, but this does not map back to the add
+ress - POSSIBLE BREAK-IN ATTEMPT!
Nov 27 04:08:54 vm73 sshd[14316]: Address 173.254.240.68 maps to 173.2
+54.240.68.static.quadranet.com, but this does not map back to the add
+ress - POSSIBLE BREAK-IN ATTEMPT!
Nov 27 04:08:56 vm73 sshd[14318]: Address 173.254.240.68 maps to 173.2
+54.240.68.static.quadranet.com, but this does not map back to the add
+ress - POSSIBLE BREAK-IN ATTEMPT!
Nov 27 04:08:59 vm73 sshd[14324]: Address 173.254.240.68 maps to 173.2
+54.240.68.static.quadranet.com, but this does not map back to the add
+ress - POSSIBLE BREAK-IN ATTEMPT!
Nov 27 04:09:02 vm73 sshd[14328]: Address 173.254.240.68 maps to 173.2
+54.240.68.static.quadranet.com, but this does not map back to the add
+ress - POSSIBLE BREAK-IN ATTEMPT!
Nov 27 04:09:05 vm73 sshd[14330]: Address 173.254.240.68 maps to 173.2
+54.240.68.static.quadranet.com, but this does not map back to the add
+ress - POSSIBLE BREAK-IN ATTEMPT!
Nov 27 04:09:08 vm73 sshd[14333]: Address 173.254.240.68 maps to 173.2
+54.240.68.static.quadranet.com, but this does not map back to the add
+ress - POSSIBLE BREAK-IN ATTEMPT!
Nov 27 04:09:11 vm73 sshd[14335]: Address 173.254.240.68 maps to 173.2
+54.240.68.static.quadranet.com, but this does not map back to the add
+ress - POSSIBLE BREAK-IN ATTEMPT!
Nov 27 04:09:13 vm73 sshd[14337]: Address 173.254.240.68 maps to 173.2
+54.240.68.static.quadranet.com, but this does not map back to the add
+ress - POSSIBLE BREAK-IN ATTEMPT!
Nov 27 04:09:21 vm73 sshd[14339]: Address 173.254.240.68 maps to 173.2
+54.240.68.static.quadranet.com, but this does not map back to the add
+ress - POSSIBLE BREAK-IN ATTEMPT!
Nov 27 04:09:25 vm73 sshd[14342]: Address 173.254.240.68 maps to 173.2
+54.240.68.static.quadranet.com, but this does not map back to the add
+ress - POSSIBLE BREAK-IN ATTEMPT!
Nov 27 04:09:28 vm73 sshd[14344]: Address 173.254.240.68 maps to 173.2
+54.240.68.static.quadranet.com, but this does not map back to the add
+ress - POSSIBLE BREAK-IN ATTEMPT!
Nov 27 04:09:30 vm73 sshd[14346]: Address 173.254.240.68 maps to 173.2
+54.240.68.static.quadranet.com, but this does not map back to the add
+ress - POSSIBLE BREAK-IN ATTEMPT!
Nov 28 04:58:11 vm73 sshd[1882]: Address 198.144.186.184 maps to host.
+colocrossing.com, but this does not map back to the address - POSSIBL
+E BREAK-IN ATTEMPT!
How do i modify this code so that it can determine the number of time that an IP address occurred and the domain name from which the IP is mapped ?
my $ipFound;
my $count = 0;
print "Which file among the following files do you want to check ? \n"
+;
my $directory = '/home/psimo/it441/challenge/logs';
opendir (DIR, $directory) or die $!;
while ( my $file = readdir(DIR) ) {
print " $file \n";
}
print "Please enter the file name: ";
my $theFile = <STDIN>;
chomp ($theFile);
open READ, '<', "$directory/$theFile" or die "CAN'T OPEN FILE! The fil
+e name entered does not exist\n";
while(<READ>){
if(/POSSIBLE BREAK-IN ATTEMPT!/){
if(/(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})/){
$ipFound = $1;
print $_;
$count++;
}
}
}
print " There are $count break-in attempts ";
|