public DangerousHTTPRequests SecureFilterAndScanAllFile()
{
DangerousHTTPRequests dangerousRequests = new DangerousHTTPRequests();
FilteredRecords filtered = new FilteredRecords();
try
{
using (StreamReader sr = new StreamReader(fileName, System.Text.Encoding.Default))
{
string line;
//long bytesSeek = 0;
while ((line = sr.ReadLine()) != null)
{
if (OneRecord.IsRecordCanBeCreated(line))
{
OneRecord record = new OneRecord(line);
//filteredList.AddRecord(record);
if (DangerousHTTPRequests.isRecordLoginFailure(record))
{
filtered.AddRecord(record);
}
}
}
}
}
catch (FileNotFoundException ioEx)
{
Console.WriteLine(ioEx.Message);
}
dangerousRequests = filtered.AttackDetector();
return(dangerousRequests);
}
private void WatcherChanged(object sender, FileSystemEventArgs e)
{
//Console.WriteLine("Type of changes: {0}; Changed: {1}", e.ChangeType, e.Name);
//MessageBox.Show(String.Format("Type of changes: {0}; Changed: {1}", e.ChangeType, e.Name));
//isHackDetacted = false;
DangerousHTTPRequests dr = new DangerousHTTPRequests();
int DangerousIpSize = dangerousRequests.DangerousIp.Count();
//if (dangerousRequests.DangerousIp.Any())
//{
// DangerousIpSize = dangerousRequests.DangerousIp.Count();
//}
//string s = ReadLastLine(logfile.fileName);
//MessageBox.Show(String.Format("Добавлено: {0}", s));
if (isLastRecordAdded())
{
//MessageBox.Show(String.Format("Добавлено: {0} --- {1}", filteredRecords.FilteredRecordsList.Last().logString,filteredRecords.FilteredRecordsList.First().logString));
dr = filteredRecords.AttackDetector();
if (dr.DangerousIp.Any())
{
foreach (KeyValuePair <string, float> keyValue in dr.DangerousIp)
{
bool isHackerDetected = false;
if (keyValue.Value == 100)
{
if (mailAddress != null)
{
SendEmail(keyValue.Key);
BackgroundWatcher.makeNotify(notifyIcon1, String.Format("ip: {0} взламывает ваш ресурс прямо сейчас! Мы отправили уведомление на вашу почту!", keyValue.Key));
}
else
{
BackgroundWatcher.makeNotify(notifyIcon1, String.Format("ip: {0} взламывает ваш ресурс прямо сейчас!", keyValue.Key));
}
isHackerDetected = true;
}
if (!dangerousRequests.DangerousIp.ContainsKey(keyValue.Key))
{
if (!isHackerDetected)
{
BackgroundWatcher.makeNotify(notifyIcon1, "Попытка возможного взлома обнаружена");
}
dangerousRequests.DangerousIp[keyValue.Key] = keyValue.Value;
addDangerousIp?.Invoke(); // 2.Вызов события
//writeToAnalisisTextBox();
}
else
{
float value = 0;
dangerousRequests.DangerousIp.TryGetValue(keyValue.Key, out value);
if (keyValue.Value > value)
{
if (!isHackerDetected)
{
BackgroundWatcher.makeNotify(notifyIcon1, "Попытка возможного взлома обнаружена с большей вероятностью");
}
dangerousRequests.DangerousIp[keyValue.Key] = keyValue.Value;
addDangerousIp?.Invoke(); // 2.Вызов события
}
}
}
}
//if (dangerousRequests.DangerousIp.Count() > DangerousIpSize)
//{
// BackgroundWatcher.makeNotify(notifyIcon1, "Попытка возможного взлома обнаружена");
// //DangerousIpSize = dangerousRequests.DangerousIp.Count();
// //DangerousIpSize = dangerousRequests.DangerousIp.Count();
// //if (!isAnyDangerousIpDetected)
// //{
// // isAnyDangerousIpDetected = true;
// //}
// //isHackDetacted = true;
// //foreach(KeyValuePair<string,float> keyValue in dangerousRequests.DangerousIp)
// // WriteDangerousRequest_InBackgroundMode_ToWindow(keyValue);
// //dangerousRequests.DangerousIp.Clear();
// }
//}
//foreach (KeyValuePair<string, float> keyValue in dangerousRequests.DangerousIp)
//{
// //if (isDangerousIPFound(keyValue))
// //{
// //}
//}
}
}
