예제 #1
0
        public void ban(string sshdmessage)
        {
            // Ban the IP indicated in the event log message

            Regex IPV4 = new Regex(@"\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b");
            Regex User = new Regex(@"(?<=user ).*?(?= from)");

            Match ip   = IPV4.Match(sshdmessage);
            Match user = User.Match(sshdmessage);

            if (ScutaConfig.enableIOT)
            {
            }
            ;

            if (ScutaConfig.enableMessageForwarding)
            {
                MsgForwarding forwarder = new MsgForwarding(); forwarder.SendMessage(String.Format("Banning user {0} from {1}", user.Value, ip.Value));
            }

            FWCtrl.ban(ip.Value, ScutaConfig.banMinutes, user.Value);
        }
예제 #2
0
        public void ban(string ip, string user)
        {
            // Ban the IP indicated in the event log message

            FWCtrl.ban(ip, ScutaConfig.banMinutes, user);

            if (ScutaConfig.enableIOT)
            {
                recordToIOT(ip, user);
            }
            ;
            if (ScutaConfig.enablePBI)
            {
                recordToPBI(ip, user);
            }
            ;

            if (ScutaConfig.enableMessageForwarding)
            {
                MsgForwarding forwarder = new MsgForwarding(); forwarder.SendMessage(String.Format("Banning user {0} from {1}", user, ip));
            }
        }