Question
Problem You will find attached to this assignment a text file: authlog.txt. This file contains records of attempts to login to a Linux server which
Problem You will find attached to this assignment a text file: authlog.txt. This file contains records of attempts to login to a Linux server which hosts virtual machine images for our course in Networking and a special Debian image for use in this course. This server was positioned behind the college firewall but was still available for anyone to login through ssh protocol. The auth.log file is a standard Linux log file and is used by systems administrators to monitor login attempts and for forensics when the security of a server has been compromised. The host operating system was an Ubuntu 20.04 Server and had the necessary patches installed and the ssh/sftp software was also patched. This did not prevent outsider hacker types from attempting to access the server. These log files can become very large and it is impractical for administrators to review them by reading them. To enable systems administrators to monitor them we can write Python scripts which can either be used as needed or on a periodic basis. This sort of utility is important to web applications since Linux based servers represent the large majority of all servers on the internet. So monitoring the auth.log file is a matter of importance to the systems administrator, security analyst as well as the forensic analyst. In our exercise we will write a Python script which analyzes the entries in the auth.log file taken off of our server. The auth.log file from our server is provided as an ASCII text file and is attached to this assignment as authlog.txt file. Required Please download the authlog.txt file provided here and prepare a Python script which does the following: Part 1 1. Opens the file and reads the file line-by-line 2. Prints out the time and date of the first attempted login. 3. Prints out the time and date of last attempted login. 4. Count the total number of login attempts 5. Counts the total number of failed login attempts Part 2 1. Create a list of all the IP addresses used to attempt to login to the server. 2. Create a count of failed login attempts and a count of successful login attempts for each IP address identified in the file. Part 3 1. Prepare a report which is to be written to a file called: ForensicsReport.txt 2. The report should look something like the report shown on the next page. Forensics Report on Logins to: 199.17.224.197 Saint Paul College Computer Science Department February 2023 Summary information Date of first attempted login: <> Date of last attempted login: <> Total number of login attempts: <> Total number of failed login attempts: <> Access by IP address IP Address Logon Attempts Failed Logon Attempts 201.22.123.44 21 21 199.17.234.192 145 144 Etc. Etc. Etc.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started