02-08-2008 12:52 AM
Greetings,
I have whipped up a quick script some of you may find useful.
ip2mapplot.py is a Python script for resolving a number of IP addresses to latitude / longitude coordinates and plotting them on a world map
Below is an image generated from one days worth of Senderbase drops on our Ironport MGAs:
[img:f531ef1b7c]http://insecure.io/images/a/a6/Map_sbrs_small.jpg[/img:f531ef1b7c]
Source code is available here: http://research.mince.ac.nz/ip2mapplot.py
Further instructions here: http://insecure.io/index.php/Code/ip2mapplot
Cheers,
si
02-11-2008 02:30 PM
Awesome, thanks for sharing the script and instructions !
Just one thing to mention. Your link to matplotlib documentation is going to Basemap page. To make matplotlib to work the matplotlib-toolkits "basemap"is required.
It can be downloaded from: http://sourceforge.net/project/showfiles.php?group_id=80706&package_id=142792
02-11-2008 02:58 PM
Interesting to see that the SPAM pattern is very similar.
Here are my stats from yesterday (Sunday)
[img:9a11853639]http://lh5.google.fi/jari.riihimaki/R7P2JJnR4WI/AAAAAAAAAFo/G4iqE-dZUJs/senderbase_small.jpg[/img:9a11853639]
[+] Found 289282 unique IP addresses
[+] Determining unique latitude / longitude points
[+] Plotting 15950 discrete points on map
[-] Plotting 15613 points for x < 100
[-] Plotting 259 points for 100 < x < 500
[-] Plotting 64 points for 500 < x < 2500
'[-] Plotting 14 points for x > 2500
02-13-2008 07:57 PM
Here's what our map looks like with one week's worth of data on hosts with a SBRS of -10 to -4.
[img:c91b0e4b2a]http://web.acd.ccac.edu/~bpoyner/ironport/ironport-map-small.jpg[/img:c91b0e4b2a]
[+] Found 691344 unique IP addresses
[+] Determining unique latitude / longitude points
[+] Plotting 15037 discrete points on map
[-] Plotting 14098 points for x < 100
[-] Plotting 772 points for 100 < x < 500
[-] Plotting 131 points for 500 < x <2500> 2500
I don't know if anybody else ran into this issue, but as-is the script provided by si doesn't work with python 2.3. You'll get the following error message:
[+] Determining unique latitude / longitude points
Traceback (most recent call last):
File "./ip2mapplot.py", line 41, in ?
latlon = count.partition(',')
AttributeError: 'str' object has no attribute 'partition'
You have to change partition to split, and change the latlon array reference accordingly.
02-15-2008 01:17 AM
Thanks for your feedback guys, jariih I have updated the documentation to include a link to download Basemap
Good point regarding python2.3 bpoyner, I only tested on v2.4
04-08-2011 01:39 AM
I used this script few years ago but now I have lost the code and I can't find it from the links bellow either.
Does anyone know where to get this code ? This was very nice script to see where the spam is really coming from
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: