服务器新监控(win + .net)

原创 2014年06月11日 02:19:17

My Server Monitor: 监控服务器LAN联通性、WAN联通性,CPU、内存空闲率,自动添加攻击者IP到防火墙黑名单。

Imports System.Data.SqlClient
Imports System.Net
Imports System.Diagnostics

Structure cState
    Dim cpu As Single
    Dim mem As Single
    Dim lanAcc As String
    Dim wanAcc As String
    Dim utime As Date
End Structure

Structure Attacker
    Dim IP As String
    Dim AttackCounts As Integer
End Structure

Module Module1
    Dim svrState(1) As cState, AttackerColl() As Attacker, ReadTime As Date = Now, ipHashTable As New Hashtable
    Dim pfmCPU As New PerformanceCounter("Processor", "% Processor Time", "_Total", True)
    Dim pfmMem As New PerformanceCounter("Memory", "Available Kbytes")
    Dim aPing As New System.Net.NetworkInformation.Ping, timeSL As Integer = 30
    Sub Main()
        Console.Title = "Server Monitor - Running"
        Console.WindowWidth = 90
        Console.BufferWidth = 90
        Console.ForegroundColor = ConsoleColor.Green
        InitEventLog()
        Dim conn As New SqlConnection("Data Source=localhost;Initial Catalog=**DB;Integrated Security=True")
        Dim cmdsel As New SqlCommand
        conn.Open()
        cmdsel.Connection = conn
        pfmCPU.NextValue()
        Threading.Thread.Sleep(1000)
        GetNewState()
        For i As Integer = 0 To 1 Step 0
            If Now.Second Mod timeSL = 0 Then
                Threading.Thread.Sleep(1000)
                GetEvents(ReadTime)
                With svrState(1)
                    .cpu = svrState(0).cpu
                    .mem = svrState(0).mem
                    .lanAcc = svrState(0).lanAcc
                    .utime = svrState(0).utime
                End With
                With svrState(0)
                    GetNewState()
                    Console.Write(Format(Now, "yyyy-MM-dd HH:mm:ss>\[CPU IDLE]") & vbTab & .cpu & "%" & vbTab & vbTab &
                                        "[MEM FREE]   " & .mem & "MB" &
                                        vbCrLf & Space(20) & "[LAN State]" & vbTab & .lanAcc & vbTab & vbTab &
                                        "[WAN State]  " & .wanAcc & vbCrLf & vbCrLf)
                    Console.Title = "Server Monitor - Running(" & Format(Now, "yyyy-MM-dd HH:mm:ss") & ")"
                    cmdsel.CommandText = "insert into ServerStatus values('" & Format(Now, "yyyy-MM-dd HH:mm:ss") &
                        "','" & .cpu & "','" & .mem & "','" & .lanAcc & "','" & .wanAcc & "')"
                    cmdsel.ExecuteNonQuery()
                    If .lanAcc = svrState(1).lanAcc And .lanAcc.ToLower <> "success" Then timeSL = 30 Else timeSL = 60
                End With
            End If
        Next
    End Sub

    Sub GetNewState()
        With svrState(0)
            .cpu = Format(100 - pfmCPU.NextValue, ".##")
            .mem = Format(pfmMem.NextValue / 1024, ".##")
            Try 
                .lanAcc = aPing.Send("172.29.2.254").Status.ToString
            Catch ex As Exception
                .lanAcc = "Failed"
            End Try
            Try
                .wanAcc = aPing.Send("www.baidu.com").Status.ToString
            Catch ex As Exception
                .wanAcc = "Failed"
            End Try
            .utime = Now
        End With
    End Sub

    Sub InitEventLog()
        'Build Blacklist
        Console.WriteLine("<Init Blacklist>")
        ReDim AttackerColl(0)
        With AttackerColl(0)
            .IP = "HOLDER"
            .AttackCounts = 0
        End With
        GetEvents(Now.Date.AddDays(-1))
        Console.WriteLine("</Init Blacklist>" & vbCrLf)
    End Sub

    Sub GetEvents(ByVal fromWhen As Date)
        Dim ComputerLogs() As Diagnostics.EventLog = EventLog.GetEventLogs
        For Each aLog As Diagnostics.EventLog In ComputerLogs
            If aLog.Log = "Security" Then
                Dim cnt As Integer = aLog.Entries.Count, idx As Integer = UBound(AttackerColl)
                For Each itm As EventLogEntry In aLog.Entries
                    If itm.InstanceId = 4625 And itm.TimeGenerated > fromWhen Then
                        Dim ipadd As String = itm.ReplacementStrings(19)
                        If ipadd <> "-" Then
                            If Not ipHashTable.ContainsKey(ipadd) Then
                                idx += 1
                                ipHashTable.Add(ipadd, idx)
                                ReDim Preserve AttackerColl(idx)
                                With AttackerColl(idx)
                                    .AttackCounts = 1
                                    .IP = ipadd
                                End With
                            Else
                                With AttackerColl(ipHashTable(ipadd))
                                    .AttackCounts += 1
                                    If .AttackCounts > 6 Then AddBlackList(ipadd)
                                End With
                            End If
                            Console.WriteLine("<" & Format(itm.TimeGenerated, "yyyy-MM-dd HH:mm:ss") &
                                          ">Attacker '" & itm.ReplacementStrings(5) & "' from " & ipadd &
                                          " for " & AttackerColl(ipHashTable(ipadd)).AttackCounts & " time(s)")
                        End If
                    End If
                Next
                ReadTime = Now
                Exit For
            End If
        Next
    End Sub
    Sub AddBlackList(ByVal iplist As String)
        Dim plcObj As NetFwTypeLib.INetFwPolicy2 = CreateObject("HNetCfg.FwPolicy2"), rule As NetFwTypeLib.INetFwRule
        Dim CurrentProfiles As Integer = plcObj.CurrentProfileTypes()
        For Each rule In plcObj.Rules
            If rule.Profiles And CurrentProfiles Then
                If rule.Name = "DENY_LOGIN_ATTEMPT" Then
                    If InStr(rule.RemoteAddresses, iplist) = 0 Then
                        rule.RemoteAddresses &= "," & iplist
                        Console.WriteLine("Address " & iplist & " blocked")
                    End If
                    Exit For
                End If
            End If
        Next
    End Sub
End Module


版权声明:本文为博主原创文章,未经博主允许不得转载。

相关文章推荐

win-server2008 64位服务器配置asp.net环境注意点

1.安装Oracle64位客户端     注意:Oracle安装文件路径不能有中文!!! 2.添加IIS   (1)添加角色,选择“Web服务器(IIS)”和“应用程序服务器”     (...

Loadrunner监控win10服务器资源(设置)

一般在客户端通过LoadRunner对服务器进行压力测试,都需要实时监控服务器端的系统资源,本篇主要简单介绍一下如何设置在LoadRunner的Controller中配置监控Windows Resou...

【树莓派+.NET MF打造视频监控智能车】遥控篇

树莓派是最近比较火热的开源硬件,其设备只有信用卡大小,运行着Linux系统,专为学生编程教育而设计。我十多年的技术路线基本以学习微软的技术为主,中间也曾试图学习过linux,但是相对陡峭的学习曲线,只...

使用windows服务和.NET FileSystemWatcher对象来监控磁盘文件目录的改变

关于FileSystemWatcher 类的详细说明,大家可以去找找CSDN,或者在百度Google上搜下。 至于使用windows服务和.NET FileSystemWatcher对象来监控磁盘文件...

开源倾情奉献:基于.NET打造IP智能网络视频监控系统

转载自 http://www.cnblogs.com/gaochundong/p/opensource_ip_video_surveillance_system_part_1_introduction...
  • fishso
  • fishso
  • 2014-02-21 15:25
  • 1368

Asp.net(C#) windows 服务{用于实现计划任务,事件监控等}

什么是windows服务?      一个Windows服务程序是在Windows操作系统下能完成特定功能的可执行的应用程序。Windows服务程序虽然是可执行的,但是它不像一般的可执行文件通过双击...

使用.net的SerialPort串口监控控件接收串口数据

前述: 在一个项目中,需要从串口通信的磁卡读卡器中读取刷卡的卡号,以便后续的业务操作。该刷卡器的型号为:SMR-RU2,使用USB接入电脑,通过USB转串口,Windows会根据USB口分配器固定的串...

.NET C# 如何监控并及时的显示另一个控制台Console的输出

这个话题已经很多前辈已经提及或者说明过,不过今天我还是来炒下冷饭.很多人在论坛上问及,在不修改现有项目的前提下如何监控其控制台输出?这里我们就需要用到ProcessStartInfo中的Redirec...
内容举报
返回顶部
收藏助手
不良信息举报
您举报文章:深度学习:神经网络中的前向传播和反向传播算法推导
举报原因:
原因补充:

(最多只允许输入30个字)