[Tutor] IP numbers and Python
dman
dsh8290@rit.edu
Wed, 27 Feb 2002 21:01:29 -0500
On Wed, Feb 27, 2002 at 02:19:38PM -0600, Kojo Idrissa wrote:
| On Wed, 27 Feb 2002 09:54:01 -0800
| >Another alternative is a self-contained router. I've seen a 4-port
| >from LinkSys that has a firewall for a couple-hundred dollars. Has
| >a nice browser-based interface, etc.
|
| I saw one of these at my local MicroCenter. $99 for a four port-er.
| I'm in the process of building a home network and I considered
| getting one to share my DSL with the network.
At a local shop one can obtain a Pentium-class machine (ie P133, 48MB
RAM, couple hundred MB hard drive, NIC, case, power supply) for $99 or
less (depends on the exact specs). If you wanted to, you could put a
*nix system on it and have full control over your firewall. You would
also want to get a hub or switch to connect the rest of the LAN to it.
| Now, (to bring this back on topic) what would be interesting would
| be a Python script that parsed your firewall log files for the IPs
| (and/or any other info you wanted), then used the DNS lookup site
| Llyod (I think) mentioned to get some idea of where the scans are
| coming from. You could even get fancy and have it create a graph of
| some sort...percentage of scans/attacks from various addresses or
| address block owners or ISPs. You could even keep track of the
| information over time, to see what trends develop. I'm pretty sure
| all the functionality for this exists in various Python modules.
|
| Hmmm...I just might try that myself once I get my home network up
| and running. Sounds like a good project for someone wanting to get
| into Networking. (That would be me...)
Are you going to include a parser for iptables' logs? :-)
-D
--
the nice thing about windoze is - it does not just crash,
it displays a dialog box and lets you press 'ok' first.