Intrusion source and location mashup

From Kenneth Kline, a script to show intrusion attempts against a site, based on the contents of hosts.deny.

Uses the following:
Deny Hosts
Google Maps
GeoIP

[Sep 2007: links below not accessible for a long time - here's another link to a copy of the archive: hacker2loc.tar.gz ]

[Old links and info: For an example, see security.kennethkline.com/mashup/
Here is a build of hackers2loc script:
hacker2loc.tar.gz. Additionally, to view the source (PHP) on-line: PHP source ]

It requires a little work to install properly. The README provides all the information that is necessary to get the additional pieces and to get it up and running.

The GeoLiteCity.dat file is updated from time to time, it may be useful to setp a cron script, to download it, untar it, then overwrite the existing DAT file to get updates from GeoIP resulting in more accurate plots.

Comments

kenethkline.com is dead

Neither under security, dev nor www kennethkline.com can be reached.

Is back up.

Site is back up, must have been a temporary downtime.

security.kennethkline.com

security.kennethkline.com is dead, also can't connect to www,dev,etc.....

I'd really like to get a copy of this.

Does anyone have a local copy they could email me ?

-Jon

last known copy available here

Looks like the original site has been inaccessible for a long time, here's where the last known copy of the script can be downloaded from:

hacker2loc.tar.gz

I've Updated this to work with Blockhosts v2.1

I downloaded the local copy but it didn't work with Blockhosts v2.1.

I've made some changes to the index.php file to make it compatible with the new version of Blockhosts as well as moved all configurable variables up to the top of the index.php page. I also added some table row coloring and changed some of the output columns. And added a form so you can change the number of attempts shown on the page instead of having to edit the index.php file.

If anyone is interested, I can make it available to you.

See it in action here http://www.jonbreen.com/mashup/

mashup

Hi,
Have moved servers so my original install doesnt work..
would love a copy of the updated version please
many thanks
will

Updated

I've updated the index.php file to be PHP5 compatible.

There's also a link at the bottom of the page to download the original archive.

Enjoy!

See it in action here http://www.jonbreen.com/mashup/

(you'll need to get the copy of the original archive, link on bottom right of page, and view the source, link on bottom left of page, to copy and paste the newer version of the index.php file. That should be all you need!)

Updated Again...

I've updated the index.php file once again to be compatible with the new Google API v3. Had to rewrite the entire function so I removed Kenneth Kline's copyright.

I also updated the archive with my index.php file.

Enjoy!

Again, See it in action here http://www.jonbreen.com/mashup/
(download link at the bottom of that page)

-Jon