PHP or perl script for lastb

emulater · 11-25-2006, 02:59 PM

I want to post top 10 or 20 Ip addresses that have failed at loginging into ssh on my webpage. Sort of like a "today's top 10 losers". The script will need to show anyone who has tried to login and failed greater then 10 times. I know the script will take a while to run therefore take a long time for the page to load, so it has to be fast. I dont need to load the whole lastb file only todays attempts..possible?

unSpawn · 11-26-2006, 04:43 PM

Moved: This thread is more suitable in the Programming forum and has been moved accordingly to help your thread/question get the exposure it deserves.

jiml8 · 11-28-2006, 12:18 AM

Sure it's possible. How do you process logins? Just stick the login attempt into a mysql database and every time they try increment a counter in the db. To construct your list, sort the db by number of attempts within a specific date.

bigearsbilly · 11-28-2006, 04:08 AM

I don't know the format of your file, something like

Code:

grep $(date +o format) login_file | grep failed | 
      cut -f(required fields) | 
      sort | uniq -c | sort -n | head -10

would do it