Compare Proposal

Nothing to compare.

BME8531- python code + report

  • Posted at : 1 month ago
  • Post Similar Project
2000

Budget
9
Proposals
233
Views
Awarded
Status
Skills Required

Posted By -

QT

5.0
Projects Posted : 375
Projects Paid : 180
Services Purchased : 0
Total Spent :
7404
Feedbacks : 92 %

Project Details show (+) hide (-)

Complete all 6 of the tasks as well as commenting on the python code

Assessment Task: Python ScriptingProduce a working program, with verbose commentary, based on the following requirements: Detailed Requirements:You have been put in charge of administering a Linux system. An incident has occurred on the network and you suspect that you may have been hacked.  You need to identify how and potentially who the attacker is. To assist in your investigation, you will need to create a Python program that will allow you to quickly analyse certain log files and help you in presenting your findings by way of a short that you will produce for the management team. 

Task:
You are required to create a Python program that will parse the contents of the Apache log file and SSH log file (auth.log and access.log - both of which have been provided on Blackboard), and perform the following tasks:

1. Find how many attempts were made with the bin account.
2. If certain IP addresses have more than 30 failed attempts, create a blacklist file (blacklistips.txt) and save the IP addresses within it.
3. Identify how many attacks were logged per hour.
4. Identify how many attacks were logged, per hour, per IP.
5. Compare the results from the Webserver’s log and those from the SSH logs and create a new text file with a new entry describing the correlation of both events.
6. In your report identify the credentials used to break into both systems and write a small paragraph on your findings/assumptions. 

Note: An attack, in this case, will be anything that starts with a ‘Failed password for’.
 

You will also need to produce a short report (max 1000 words) including:
1      Address how you believe the attack took place
2      Screenshots of your application proving steps 1-4 above
3      Supporting comments describing the actions seen in the screenshots
4      Include the paragraph about your findings as mentioned in point 6 above. 

You will need to submit an electronic version of the report and program and upload files to Blackboard.  Please state in your report what version of Python you have used for your scripts – 2.7* or 3.*)