Untitled

 avatar
unknown
plain_text
25 days ago
1.5 kB
3
Indexable
import random
from collections import defaultdict

def generate_logs():
    logs = []
    for _ in range(100):
        ip = f"{random.randint(1,255)}.{random.randint(1,255)}.{random.randint(1,255)}.{random.randint(1,255)}"
        port = random.choice([80, 443, 22, 3389, 8080])
        logs.append(f"{ip} - Port {port} - {'ALLOWED' if random.random() > 0.1 else 'BLOCKED'}")
    return logs

def analyze_traffic(logs):
    ip_counts = defaultdict(int)
    port_scans = defaultdict(int)
    
    for log in logs:
        parts = log.split(" - ")
        ip = parts[0]
        port = int(parts[1].replace("Port ", ""))
        
        ip_counts[ip] += 1
        port_scans[port] += 1
    
    print("\n🚦 TRAFFIC ANALYSIS RESULTS:")
    print(f"Total requests: {len(logs)}")
    
    suspicious_ips = [ip for ip, count in ip_counts.items() if count > 10]
    if suspicious_ips:
        print("\n⚠️ Suspicious IPs (Possible DoS Attack):")
        for ip in suspicious_ips:
            print(f"- {ip} ({ip_counts[ip]} requests)")
    
    common_ports = {80: "HTTP", 443: "HTTPS", 22: "SSH"}
    unusual_ports = [port for port in port_scans if port not in common_ports]
    if unusual_ports:
        print("\n🚨 Unusual Port Activity (Possible Scan):")
        for port in unusual_ports:
            print(f"- Port {port} was accessed {port_scans[port]} times")

if __name__ == "__main__":
    print("📡 Simulating Network Traffic...")
    logs = generate_logs()
    analyze_traffic(logs)
Editor is loading...
Leave a Comment