Skip to main content
Home
badllama.com
  • Search
  • Log In

Quickly log all unique ingress IPs

cpeters's picture

Fri, 04/01/2016 - 21:37 by cpeters

This script creates a quick log of all the unique ingress IPs connecting to a machine on a given port.

 $logpath = "C:\users\Administrator\Desktop\Unique_IP.log"
 
 $newdata  = netstat -antp tcp | findstr "80" | findstr -v "0.0.0.0" | findstr -v "169.254.169.254"
 $ct = $newdata | Measure
 $ct = $ct.Count

  for ($i=0; $i -lt $ct ; $i++ ){
    $line = $newdata[$i] -replace '^\s+', ''
    $line = $newdata[$i] -split '\s+'
    
    $newdata[$i] = $line[3] | %{ $_.Split(':')[0]}
    }

 if (Test-Path $logpath) {
 $content = [IO.File]::ReadAllLines($logpath)

 $alldata = $newdata | Get-Unique
 $alldata = $alldata + $content | Sort-Object
 $alldata = $alldata | Get-Unique

[IO.File]::WriteAllLines($logpath,$alldata)
 }
 else {

$newdata = $newdata | Get-Unique
[IO.File]::WriteAllLines($logpath,$newdata)
 }
Tags: 
aws windows powershell TCIP/IP
Powered by Backdrop CMS