cancel
Showing results for
Did you mean:
Announcements
 ESA: 11.0.0-274 WSA: 10.5.1-296 SMA: 11.0.0-128 Email Plug-in (Reporting): 1.0.1-048 Email Plug-in (Encryption): 1.0.0-036

Community Member

## Plotting Senderbase Information on a World Map

Greetings,

I have whipped up a quick script some of you may find useful.

ip2mapplot.py is a Python script for resolving a number of IP addresses to latitude / longitude coordinates and plotting them on a world map

Below is an image generated from one days worth of Senderbase drops on our Ironport MGAs:
[img:f531ef1b7c]http://insecure.io/images/a/a6/Map_sbrs_small.jpg[/img:f531ef1b7c]

Source code is available here: http://research.mince.ac.nz/ip2mapplot.py
Further instructions here: http://insecure.io/index.php/Code/ip2mapplot

Cheers,
si

5 REPLIES
Community Member

## Re: Plotting Senderbase Information on a World Map

Awesome, thanks for sharing the script and instructions !

Just one thing to mention. Your link to matplotlib documentation is going to Basemap page. To make matplotlib to work the matplotlib-toolkits "basemap"is required.

Community Member

## Re: Plotting Senderbase Information on a World Map

Interesting to see that the SPAM pattern is very similar.

Here are my stats from yesterday (Sunday)

[+] Found 289282 unique IP addresses
[+] Determining unique latitude / longitude points
[+] Plotting 15950 discrete points on map
[-] Plotting 15613 points for x < 100
[-] Plotting 259 points for 100 < x < 500
[-] Plotting 64 points for 500 < x < 2500
'[-] Plotting 14 points for x > 2500

Community Member

## Re: Plotting Senderbase Information on a World Map

Here's what our map looks like with one week's worth of data on hosts with a SBRS of -10 to -4.

[img:c91b0e4b2a]http://web.acd.ccac.edu/~bpoyner/ironport/ironport-map-small.jpg[/img:c91b0e4b2a]

[+] Found 691344 unique IP addresses
[+] Determining unique latitude / longitude points
[+] Plotting 15037 discrete points on map
[-] Plotting 14098 points for x < 100
[-] Plotting 772 points for 100 < x < 500
[-] Plotting 131 points for 500 < x <2500> 2500

I don't know if anybody else ran into this issue, but as-is the script provided by si doesn't work with python 2.3. You'll get the following error message:

[+] Determining unique latitude / longitude points
Traceback (most recent call last):
File "./ip2mapplot.py", line 41, in ?
latlon = count.partition(',')
AttributeError: 'str' object has no attribute 'partition'

You have to change partition to split, and change the latlon array reference accordingly.

Community Member

## Re: Plotting Senderbase Information on a World Map

Good point regarding python2.3 bpoyner, I only tested on v2.4

Community Member

## Re: Plotting Senderbase Information on a World Map

I used this script few years ago but now I have lost the code and I can't find it from the links bellow either.

Does anyone know where to get this code ? This was very nice script to see where the spam is really coming from

278
Views
0