Private Sub btnRead_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnRead.Click
Dim ComputerLogs() As Diagnostics.EventLog = EventLog.GetEventLogs
For Each aLog As Diagnostics.EventLog In ComputerLogs
If aLog.Log = "Security" Then
Dim cnt As Integer = aLog.Entries.Count, idx As Integer = 0
For Each itm As EventLogEntry In aLog.Entries
idx += 1
Me.Text = idx & "/" & cnt
If itm.InstanceId = 4625 Then
txtIPList.AppendText(itm.TimeGenerated & vbTab & itm.ReplacementStrings(5) & vbTab & itm.ReplacementStrings(19) & vbCrLf)
End If
Next
Exit For
End If
Next
Me.Text = "EventReader"
End Sub
Private Sub btnFW_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnFW.Click
Dim plcObj As NetFwTypeLib.INetFwPolicy2 = CreateObject("HNetCfg.FwPolicy2"), rule As NetFwTypeLib.INetFwRule
Dim CurrentProfiles As Integer = plcObj.CurrentProfileTypes()
For Each rule In plcObj.Rules
If rule.Profiles And CurrentProfiles Then
If rule.Name = "DENY_LOGIN_ATTEMPT" Then
MsgBox(rule.RemoteAddresses)
rule.RemoteAddresses &= "," & txtIPList.Text.Replace(vbCrLf, ",")
txtResult.Text = rule.RemoteAddresses.Replace(",", vbCrLf).Replace("255.255.255.255", "32")
Exit For
End If
End If
Next
End Sub
读取系统"安全"日志中的失败登录尝试 + 添加攻击者IP到防火墙策略
最新推荐文章于 2024-03-22 11:13:23 发布