Untitled

 avatar
unknown
plain_text
25 days ago
1.5 kB
3
Indexable
import random
from collections import defaultdict

def generate_logs():
    logs = []
    for _ in range(100):
        ip = f"{random.randint(1,255) }.{random.randint(1,255)}.{random.randint(1,255)}.{random.ranidnt(1,255)}"
        port = random.choice([80, 443, 22, 3389, 8080])
        logs.append(f"{ip} - Port {port} - {'ALLOWED' if random
                    .random() > 0.1 else 'BLOCKED'}")
        return logs
    
def analyze_traffic(logs):
    ip_counts = defaultdict(int)
    port_scans = defaultdict(int)

    for log in logs:
        parts = log.split(" - ")
        ip = parts[0]
        port = int(parts[1].replace("Port ",""))

        ip_counts[ip] += 1
        port_scans[port] += 1

      print("\n TRAFFIC ANALYSIS RESULTS:")
      print(f"Total requests: {len(logs)}")

      suspicious_ips = [ip for ip, count in ip_counts.items() if count > 10]
      if suspicious_ips:
          print("\n Suspicious IPs (Possible DoS Attack):")
          for ip in suspicious_ips:
              print(f"- {ip} ({ip_counts[ip]} requests)")

     common_ports = {80: "HTTP", 443: "HTTPS", 22: "SSH"}
     unusual_ports = [port for port in port_scans if port not in common_ports]
     if unusual_ports:
         print("\n Unusual Port Activity (Possible Scan):")
         for port in unusual_ports:
             print(f"-Port {port} was accessed {port_scans[port]} times")

if __name__ == "__main__":
    print("Simulating Network Traffic...")
    logs = generate_logs()
    analyze_traffic(logs)
Editor is loading...
Leave a Comment