public DangerousHTTPRequests SecureFilterAndScanAllFile() { DangerousHTTPRequests dangerousRequests = new DangerousHTTPRequests(); FilteredRecords filtered = new FilteredRecords(); try { using (StreamReader sr = new StreamReader(fileName, System.Text.Encoding.Default)) { string line; //long bytesSeek = 0; while ((line = sr.ReadLine()) != null) { if (OneRecord.IsRecordCanBeCreated(line)) { OneRecord record = new OneRecord(line); //filteredList.AddRecord(record); if (DangerousHTTPRequests.isRecordLoginFailure(record)) { filtered.AddRecord(record); } } } } } catch (FileNotFoundException ioEx) { Console.WriteLine(ioEx.Message); } dangerousRequests = filtered.AttackDetector(); return(dangerousRequests); }
private void WatcherChanged(object sender, FileSystemEventArgs e) { //Console.WriteLine("Type of changes: {0}; Changed: {1}", e.ChangeType, e.Name); //MessageBox.Show(String.Format("Type of changes: {0}; Changed: {1}", e.ChangeType, e.Name)); //isHackDetacted = false; DangerousHTTPRequests dr = new DangerousHTTPRequests(); int DangerousIpSize = dangerousRequests.DangerousIp.Count(); //if (dangerousRequests.DangerousIp.Any()) //{ // DangerousIpSize = dangerousRequests.DangerousIp.Count(); //} //string s = ReadLastLine(logfile.fileName); //MessageBox.Show(String.Format("Добавлено: {0}", s)); if (isLastRecordAdded()) { //MessageBox.Show(String.Format("Добавлено: {0} --- {1}", filteredRecords.FilteredRecordsList.Last().logString,filteredRecords.FilteredRecordsList.First().logString)); dr = filteredRecords.AttackDetector(); if (dr.DangerousIp.Any()) { foreach (KeyValuePair <string, float> keyValue in dr.DangerousIp) { bool isHackerDetected = false; if (keyValue.Value == 100) { if (mailAddress != null) { SendEmail(keyValue.Key); BackgroundWatcher.makeNotify(notifyIcon1, String.Format("ip: {0} взламывает ваш ресурс прямо сейчас! Мы отправили уведомление на вашу почту!", keyValue.Key)); } else { BackgroundWatcher.makeNotify(notifyIcon1, String.Format("ip: {0} взламывает ваш ресурс прямо сейчас!", keyValue.Key)); } isHackerDetected = true; } if (!dangerousRequests.DangerousIp.ContainsKey(keyValue.Key)) { if (!isHackerDetected) { BackgroundWatcher.makeNotify(notifyIcon1, "Попытка возможного взлома обнаружена"); } dangerousRequests.DangerousIp[keyValue.Key] = keyValue.Value; addDangerousIp?.Invoke(); // 2.Вызов события //writeToAnalisisTextBox(); } else { float value = 0; dangerousRequests.DangerousIp.TryGetValue(keyValue.Key, out value); if (keyValue.Value > value) { if (!isHackerDetected) { BackgroundWatcher.makeNotify(notifyIcon1, "Попытка возможного взлома обнаружена с большей вероятностью"); } dangerousRequests.DangerousIp[keyValue.Key] = keyValue.Value; addDangerousIp?.Invoke(); // 2.Вызов события } } } } //if (dangerousRequests.DangerousIp.Count() > DangerousIpSize) //{ // BackgroundWatcher.makeNotify(notifyIcon1, "Попытка возможного взлома обнаружена"); // //DangerousIpSize = dangerousRequests.DangerousIp.Count(); // //DangerousIpSize = dangerousRequests.DangerousIp.Count(); // //if (!isAnyDangerousIpDetected) // //{ // // isAnyDangerousIpDetected = true; // //} // //isHackDetacted = true; // //foreach(KeyValuePair<string,float> keyValue in dangerousRequests.DangerousIp) // // WriteDangerousRequest_InBackgroundMode_ToWindow(keyValue); // //dangerousRequests.DangerousIp.Clear(); // } //} //foreach (KeyValuePair<string, float> keyValue in dangerousRequests.DangerousIp) //{ // //if (isDangerousIPFound(keyValue)) // //{ // //} //} } }