服务器新监控(win + .net)

原创 2014年06月11日 02:19:17

My Server Monitor: 监控服务器LAN联通性、WAN联通性,CPU、内存空闲率,自动添加攻击者IP到防火墙黑名单。

Imports System.Data.SqlClient
Imports System.Net
Imports System.Diagnostics

Structure cState
    Dim cpu As Single
    Dim mem As Single
    Dim lanAcc As String
    Dim wanAcc As String
    Dim utime As Date
End Structure

Structure Attacker
    Dim IP As String
    Dim AttackCounts As Integer
End Structure

Module Module1
    Dim svrState(1) As cState, AttackerColl() As Attacker, ReadTime As Date = Now, ipHashTable As New Hashtable
    Dim pfmCPU As New PerformanceCounter("Processor", "% Processor Time", "_Total", True)
    Dim pfmMem As New PerformanceCounter("Memory", "Available Kbytes")
    Dim aPing As New System.Net.NetworkInformation.Ping, timeSL As Integer = 30
    Sub Main()
        Console.Title = "Server Monitor - Running"
        Console.WindowWidth = 90
        Console.BufferWidth = 90
        Console.ForegroundColor = ConsoleColor.Green
        InitEventLog()
        Dim conn As New SqlConnection("Data Source=localhost;Initial Catalog=**DB;Integrated Security=True")
        Dim cmdsel As New SqlCommand
        conn.Open()
        cmdsel.Connection = conn
        pfmCPU.NextValue()
        Threading.Thread.Sleep(1000)
        GetNewState()
        For i As Integer = 0 To 1 Step 0
            If Now.Second Mod timeSL = 0 Then
                Threading.Thread.Sleep(1000)
                GetEvents(ReadTime)
                With svrState(1)
                    .cpu = svrState(0).cpu
                    .mem = svrState(0).mem
                    .lanAcc = svrState(0).lanAcc
                    .utime = svrState(0).utime
                End With
                With svrState(0)
                    GetNewState()
                    Console.Write(Format(Now, "yyyy-MM-dd HH:mm:ss>\[CPU IDLE]") & vbTab & .cpu & "%" & vbTab & vbTab &
                                        "[MEM FREE]   " & .mem & "MB" &
                                        vbCrLf & Space(20) & "[LAN State]" & vbTab & .lanAcc & vbTab & vbTab &
                                        "[WAN State]  " & .wanAcc & vbCrLf & vbCrLf)
                    Console.Title = "Server Monitor - Running(" & Format(Now, "yyyy-MM-dd HH:mm:ss") & ")"
                    cmdsel.CommandText = "insert into ServerStatus values('" & Format(Now, "yyyy-MM-dd HH:mm:ss") &
                        "','" & .cpu & "','" & .mem & "','" & .lanAcc & "','" & .wanAcc & "')"
                    cmdsel.ExecuteNonQuery()
                    If .lanAcc = svrState(1).lanAcc And .lanAcc.ToLower <> "success" Then timeSL = 30 Else timeSL = 60
                End With
            End If
        Next
    End Sub

    Sub GetNewState()
        With svrState(0)
            .cpu = Format(100 - pfmCPU.NextValue, ".##")
            .mem = Format(pfmMem.NextValue / 1024, ".##")
            Try 
                .lanAcc = aPing.Send("172.29.2.254").Status.ToString
            Catch ex As Exception
                .lanAcc = "Failed"
            End Try
            Try
                .wanAcc = aPing.Send("www.baidu.com").Status.ToString
            Catch ex As Exception
                .wanAcc = "Failed"
            End Try
            .utime = Now
        End With
    End Sub

    Sub InitEventLog()
        'Build Blacklist
        Console.WriteLine("<Init Blacklist>")
        ReDim AttackerColl(0)
        With AttackerColl(0)
            .IP = "HOLDER"
            .AttackCounts = 0
        End With
        GetEvents(Now.Date.AddDays(-1))
        Console.WriteLine("</Init Blacklist>" & vbCrLf)
    End Sub

    Sub GetEvents(ByVal fromWhen As Date)
        Dim ComputerLogs() As Diagnostics.EventLog = EventLog.GetEventLogs
        For Each aLog As Diagnostics.EventLog In ComputerLogs
            If aLog.Log = "Security" Then
                Dim cnt As Integer = aLog.Entries.Count, idx As Integer = UBound(AttackerColl)
                For Each itm As EventLogEntry In aLog.Entries
                    If itm.InstanceId = 4625 And itm.TimeGenerated > fromWhen Then
                        Dim ipadd As String = itm.ReplacementStrings(19)
                        If ipadd <> "-" Then
                            If Not ipHashTable.ContainsKey(ipadd) Then
                                idx += 1
                                ipHashTable.Add(ipadd, idx)
                                ReDim Preserve AttackerColl(idx)
                                With AttackerColl(idx)
                                    .AttackCounts = 1
                                    .IP = ipadd
                                End With
                            Else
                                With AttackerColl(ipHashTable(ipadd))
                                    .AttackCounts += 1
                                    If .AttackCounts > 6 Then AddBlackList(ipadd)
                                End With
                            End If
                            Console.WriteLine("<" & Format(itm.TimeGenerated, "yyyy-MM-dd HH:mm:ss") &
                                          ">Attacker '" & itm.ReplacementStrings(5) & "' from " & ipadd &
                                          " for " & AttackerColl(ipHashTable(ipadd)).AttackCounts & " time(s)")
                        End If
                    End If
                Next
                ReadTime = Now
                Exit For
            End If
        Next
    End Sub
    Sub AddBlackList(ByVal iplist As String)
        Dim plcObj As NetFwTypeLib.INetFwPolicy2 = CreateObject("HNetCfg.FwPolicy2"), rule As NetFwTypeLib.INetFwRule
        Dim CurrentProfiles As Integer = plcObj.CurrentProfileTypes()
        For Each rule In plcObj.Rules
            If rule.Profiles And CurrentProfiles Then
                If rule.Name = "DENY_LOGIN_ATTEMPT" Then
                    If InStr(rule.RemoteAddresses, iplist) = 0 Then
                        rule.RemoteAddresses &= "," & iplist
                        Console.WriteLine("Address " & iplist & " blocked")
                    End If
                    Exit For
                End If
            End If
        Next
    End Sub
End Module


版权声明:本文为博主原创文章,未经博主允许不得转载。

win-server2008 64位服务器配置asp.net环境注意点

1.安装Oracle64位客户端     注意:Oracle安装文件路径不能有中文!!! 2.添加IIS   (1)添加角色,选择“Web服务器(IIS)”和“应用程序服务器”     (...

IIS7服务器的配置(win7,支持asp.net)

以前弄过好多次,都没有成功,昨天晚上不知怎么地就成功了,借用我同学的一句话,这叫“灵光一闪”,废话不多说了,这个成功是有图有视频有真相地哈! 这篇博文发表都三个月了,我自认为算是很详细了,可是还是很多...
  • oGuWen1
  • oGuWen1
  • 2014年01月02日 14:45
  • 1765

Memcache win版 服务器和.net驱动

  • 2014年09月24日 10:52
  • 3.54MB
  • 下载

Tomcat服务器监控1.2版( for Win,Linux

  • 2006年12月26日 10:03
  • 1.13MB
  • 下载

使用.net的SerialPort串口监控控件接收串口数据

前述: 在一个项目中,需要从串口通信的磁卡读卡器中读取刷卡的卡号,以便后续的业务操作。该刷卡器的型号为:SMR-RU2,使用USB接入电脑,通过USB转串口,Windows会根据USB口分配器固定的串...

.NET C# 如何监控并及时的显示另一个控制台Console的输出

这个话题已经很多前辈已经提及或者说明过,不过今天我还是来炒下冷饭.很多人在论坛上问及,在不修改现有项目的前提下如何监控其控制台输出?这里我们就需要用到ProcessStartInfo中的Redirec...

推荐一款短信转发软件,可用于监控男朋友手机,下载地址http://download.csdn.net/source/3575487

短信转发设置 SMS Forwarding 1.4.3 适用于Android 1.5 及以上版本文件大小:361K 下载地址:http://download.csdn.net/source/35754...

.NET C# 如何监控并及时的显示另一个控制台Console的输出

这个话题已经很多前辈已经提及或者说明过,不过今天我还是来炒下冷饭.很多人在论坛上问及,在不修改现有项目的前提下如何监控其控制台输出?这里我们就需要用到ProcessStartInfo中的Redirec...

.NET4 Windows Service 监控磁盘文件

http://www.cnblogs.com/ryanding/archive/2011/02/04/1948746.html 曾在VS2008下用C#编写过WindowsService监控进销存库存...

ASP.NET Core之跨平台的实时性能监控(2.健康检查)

前言 上篇我们讲了如何使用App Metrics 做一个简单的APM监控,最后提到过健康检查这个东西. 这篇主要就是讲解健康检查的内容. 没看过上篇的,请移步:ASP.NET Core之跨平台的...
内容举报
返回顶部
收藏助手
不良信息举报
您举报文章:服务器新监控(win + .net)
举报原因:
原因补充:

(最多只允许输入30个字)