Thanks for that I’ll keep it as a ‘reserve’ option in case I have any problem with the other script. As it is working though I’ll stick with that for the moment if that is okay?
I rewrote the earlier script with ASObjC just for learning purposes. It allows other members of the forum–who are more knowledgeable than me–to make suggestions for improvement. There’s no reason for you to use my script.
I was just wondering on the reasoning. My only coding knowledge was from MS Access years ago so Apple scripting and more modern ways of coding are alien to me
Here is another AppleScript option which takes a completely different route, using much less code and is pretty quick also.
This assumes the file being dropped onto this applet is a text file and its contents are in the same format as per the example given in the original post.
In short, rather than creating a new file every time a file is dropped onto this applet, dropping a text file onto this Droplet will strip out everything but the IP numbers and Port numbers, which will be logged to a file named “Cleaned_IPs.txt” in the same folder as the original dropped file. (That log file shows the file processed and its path, the date and time of each and has duplicate entries removed and is numerically sorted)
property stripText : " | cut -d' ' -f7-9 | tr -d ',' | sort --numeric-sort | uniq"
on open of theFiles -- Handles single or multiple dropped files
repeat with aFile in theFiles
set theDate to (current date) as text
tell application "Finder" to set sourceFilePath to container of aFile as alias
set cleanedText to do shell script "cat " & ¬
quoted form of POSIX path of aFile & stripText
---------- Option 1. ---------- Verbose & Appending
set theData to ("From file: " & quoted form of POSIX path of aFile & ¬
" - " & theDate & linefeed & linefeed & cleanedText & linefeed)
--------------------------------
---------- Option 2. ---------- Combined, De-Duped, Sorted - IP's & Ports Only
--set theData to cleanedText
--------------------------------
do shell script "echo " & quoted form of theData & " >> " & ¬
quoted form of POSIX path of sourceFilePath & "Cleaned_IPs.txt"
do shell script "sort | uniq " & quoted form of ¬
POSIX path of sourceFilePath & "Cleaned_IPs.txt" & " | pbcopy ; pbpaste > " & ¬
quoted form of POSIX path of sourceFilePath & "Cleaned_IPs.txt"
end repeat
end open
This will extract all of the IP addresses from the text files dropped onto this applet. The IP’s will be added and appended to the “Cleaned_IPs.txt” file while numerically sorting and removing any duplicate entries.
property stripText : " | cut -d' ' -f7 | tr -d ',' | sort --numeric-sort | uniq"
on open of theFiles -- Handles single or multiple dropped files
repeat with aFile in theFiles
tell application "Finder" to set sourceFilePath to container of aFile as alias
set cleanedText to do shell script "cat " & ¬
quoted form of POSIX path of aFile & stripText
do shell script "echo " & quoted form of cleanedText & " >> " & ¬
quoted form of POSIX path of sourceFilePath & "Cleaned_IPs.txt"
do shell script "sort | uniq " & quoted form of ¬
POSIX path of sourceFilePath & "Cleaned_IPs.txt" & ¬
" | pbcopy -pboard ruler ; pbpaste -pboard ruler > " & ¬
quoted form of POSIX path of sourceFilePath & "Cleaned_IPs.txt"
end repeat
end open
[DoS Attack: SYN/ACK Scan] from source: 54.239.28.85, port 443, Wednesday, September 22, 2021 23:48:43
[DoS Attack: SYN/ACK Scan] from source: 54.239.28.85, port 443, Wednesday, September 22, 2021 23:46:57
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 23:45:01
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 23:38:39
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 23:34:09
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 23:33:56
[DoS Attack: Xmas Tress Scan] from source: 119.90.42.87, port 52921, Wednesday, September 22, 2021 23:21:25
[DoS Attack: NULL Scan] from source: 119.90.42.87, port 52916, Wednesday, September 22, 2021 23:21:25
[DoS Attack: Xmas Tress Scan] from source: 119.90.42.87, port 52921, Wednesday, September 22, 2021 23:21:25
[DoS Attack: NULL Scan] from source: 119.90.42.87, port 52916, Wednesday, September 22, 2021 23:21:25
[DoS Attack: Xmas Tress Scan] from source: 119.90.42.87, port 52921, Wednesday, September 22, 2021 23:21:25
[DoS Attack: NULL Scan] from source: 119.90.42.87, port 52916, Wednesday, September 22, 2021 23:21:25
[DoS Attack: Xmas Tress Scan] from source: 119.90.42.87, port 52921, Wednesday, September 22, 2021 23:21:25
[DoS Attack: ACK Scan] from source: 119.90.42.87, port 52918, Wednesday, September 22, 2021 23:21:25
[DoS Attack: WinNuke Attack] from source: 119.90.42.87, port 52917, Wednesday, September 22, 2021 23:21:25
[DoS Attack: NULL Scan] from source: 119.90.42.87, port 52916, Wednesday, September 22, 2021 23:21:25
[DoS Attack: Xmas Tress Scan] from source: 119.90.42.87, port 52921, Wednesday, September 22, 2021 23:21:23
[DoS Attack: ACK Scan] from source: 119.90.42.87, port 52920, Wednesday, September 22, 2021 23:21:23
[DoS Attack: ACK Scan] from source: 119.90.42.87, port 52918, Wednesday, September 22, 2021 23:21:23
[DoS Attack: WinNuke Attack] from source: 119.90.42.87, port 52917, Wednesday, September 22, 2021 23:21:23
[DoS Attack: NULL Scan] from source: 119.90.42.87, port 52916, Wednesday, September 22, 2021 23:21:23
[DoS Attack: Xmas Tress Scan] from source: 119.90.42.87, port 52921, Wednesday, September 22, 2021 23:21:23
[DoS Attack: ACK Scan] from source: 119.90.42.87, port 52920, Wednesday, September 22, 2021 23:21:23
[DoS Attack: ACK Scan] from source: 119.90.42.87, port 52918, Wednesday, September 22, 2021 23:21:23
[DoS Attack: WinNuke Attack] from source: 119.90.42.87, port 52917, Wednesday, September 22, 2021 23:21:23
[DoS Attack: NULL Scan] from source: 119.90.42.87, port 52916, Wednesday, September 22, 2021 23:21:23
[DoS Attack: Xmas Tress Scan] from source: 119.90.42.87, port 52921, Wednesday, September 22, 2021 23:21:23
[DoS Attack: ACK Scan] from source: 119.90.42.87, port 52920, Wednesday, September 22, 2021 23:21:23
[DoS Attack: ACK Scan] from source: 119.90.42.87, port 52918, Wednesday, September 22, 2021 23:21:23
[DoS Attack: WinNuke Attack] from source: 119.90.42.87, port 52917, Wednesday, September 22, 2021 23:21:23
[DoS Attack: NULL Scan] from source: 119.90.42.87, port 52916, Wednesday, September 22, 2021 23:21:23
[DoS Attack: Xmas Tress Scan] from source: 119.90.42.87, port 52921, Wednesday, September 22, 2021 23:21:23
[DoS Attack: ACK Scan] from source: 119.90.42.87, port 52920, Wednesday, September 22, 2021 23:21:23
[DoS Attack: ACK Scan] from source: 119.90.42.87, port 52918, Wednesday, September 22, 2021 23:21:23
[DoS Attack: WinNuke Attack] from source: 119.90.42.87, port 52917, Wednesday, September 22, 2021 23:21:23
[DoS Attack: NULL Scan] from source: 119.90.42.87, port 52916, Wednesday, September 22, 2021 23:21:23
[DoS Attack: RST Scan] from source: 161.97.168.3, port 29000, Wednesday, September 22, 2021 23:16:40
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Wednesday, September 22, 2021 23:10:55
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Wednesday, September 22, 2021 22:50:26
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 22:38:21
[DoS Attack: SYN/ACK Scan] from source: 2.16.75.200, port 443, Wednesday, September 22, 2021 22:35:48
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Wednesday, September 22, 2021 22:30:01
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Wednesday, September 22, 2021 22:17:40
[DoS Attack: SYN/ACK Scan] from source: 92.122.148.35, port 443, Wednesday, September 22, 2021 22:12:35
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Wednesday, September 22, 2021 21:56:46
[DoS Attack: SYN/ACK Scan] from source: 2.16.75.200, port 443, Wednesday, September 22, 2021 21:48:24
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Wednesday, September 22, 2021 21:47:44
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 21:30:28
[DoS Attack: UDP Port Scan] from source: 91.132.58.137, port 5062, Wednesday, September 22, 2021 21:28:48
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Wednesday, September 22, 2021 21:27:08
[DoS Attack: SYN/ACK Scan] from source: 74.91.121.160, port 22, Wednesday, September 22, 2021 21:24:42
[DoS Attack: ACK Scan] from source: 104.96.80.41, port 443, Wednesday, September 22, 2021 20:56:30
[DoS Attack: ACK Scan] from source: 104.96.80.41, port 443, Wednesday, September 22, 2021 20:49:23
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 20:48:43
[DoS Attack: SYN/ACK Scan] from source: 92.122.148.35, port 443, Wednesday, September 22, 2021 20:40:57
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Wednesday, September 22, 2021 20:33:41
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 20:32:14
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 20:30:23
[DoS Attack: SYN/ACK Scan] from source: 176.32.103.205, port 443, Wednesday, September 22, 2021 20:14:55
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 20:12:14
[DoS Attack: ACK Scan] from source: 104.96.80.41, port 443, Wednesday, September 22, 2021 20:11:09
[DoS Attack: ACK Scan] from source: 104.96.80.41, port 443, Wednesday, September 22, 2021 20:10:35
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 20:04:56
[DoS Attack: ACK Scan] from source: 104.96.80.41, port 443, Wednesday, September 22, 2021 19:51:32
[DoS Attack: SYN/ACK Scan] from source: 104.21.33.76, port 443, Wednesday, September 22, 2021 19:43:40
[DoS Attack: SYN/ACK Scan] from source: 134.255.227.145, port 30120, Wednesday, September 22, 2021 19:33:14
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Wednesday, September 22, 2021 19:33:10
[DoS Attack: ACK Scan] from source: 52.97.219.213, port 59827, Wednesday, September 22, 2021 19:28:33
[DoS Attack: SYN/ACK Scan] from source: 37.157.254.239, port 443, Wednesday, September 22, 2021 19:27:56
[DoS Attack: SYN/ACK Scan] from source: 2.16.75.200, port 443, Wednesday, September 22, 2021 19:15:59
[DoS Attack: SYN/ACK Scan] from source: 23.54.74.141, port 443, Wednesday, September 22, 2021 19:15:24
[DoS Attack: SYN/ACK Scan] from source: 92.122.148.35, port 443, Wednesday, September 22, 2021 19:13:29
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Wednesday, September 22, 2021 19:11:22
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 19:10:05
[DoS Attack: ACK Scan] from source: 104.96.80.41, port 443, Wednesday, September 22, 2021 19:03:13
[DoS Attack: ACK Scan] from source: 104.96.80.41, port 443, Wednesday, September 22, 2021 18:52:36
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 18:45:36
[DoS Attack: RST Scan] from source: 161.97.168.3, port 29000, Wednesday, September 22, 2021 18:45:27
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Wednesday, September 22, 2021 18:44:24
[DoS Attack: SYN/ACK Scan] from source: 103.158.36.70, port 80, Wednesday, September 22, 2021 18:43:00
[DoS Attack: SYN/ACK Scan] from source: 95.217.30.172, port 443, Wednesday, September 22, 2021 18:34:46
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Wednesday, September 22, 2021 18:27:46
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Wednesday, September 22, 2021 18:17:44
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 18:09:15
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Wednesday, September 22, 2021 18:05:24
[DoS Attack: ACK Scan] from source: 52.98.207.133, port 44801, Wednesday, September 22, 2021 18:00:32
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 17:40:16
[DoS Attack: SYN/ACK Scan] from source: 2.17.23.76, port 443, Wednesday, September 22, 2021 17:35:04
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Wednesday, September 22, 2021 17:23:28
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Wednesday, September 22, 2021 17:17:55
[DoS Attack: Xmas Tress Scan] from source: 119.90.52.52, port 52716, Wednesday, September 22, 2021 17:15:45
[DoS Attack: ACK Scan] from source: 119.90.52.52, port 52715, Wednesday, September 22, 2021 17:15:45
[DoS Attack: ACK Scan] from source: 119.90.52.52, port 52713, Wednesday, September 22, 2021 17:15:45
[DoS Attack: WinNuke Attack] from source: 119.90.52.52, port 52712, Wednesday, September 22, 2021 17:15:45
[DoS Attack: NULL Scan] from source: 119.90.52.52, port 52711, Wednesday, September 22, 2021 17:15:45
[DoS Attack: Xmas Tress Scan] from source: 119.90.52.52, port 52716, Wednesday, September 22, 2021 17:15:43
[DoS Attack: ACK Scan] from source: 119.90.52.52, port 52715, Wednesday, September 22, 2021 17:15:43
[DoS Attack: ACK Scan] from source: 119.90.52.52, port 52713, Wednesday, September 22, 2021 17:15:43
[DoS Attack: WinNuke Attack] from source: 119.90.52.52, port 52712, Wednesday, September 22, 2021 17:15:43
[DoS Attack: NULL Scan] from source: 119.90.52.52, port 52711, Wednesday, September 22, 2021 17:15:43
[DoS Attack: Xmas Tress Scan] from source: 119.90.52.52, port 52716, Wednesday, September 22, 2021 17:15:43
[DoS Attack: ACK Scan] from source: 119.90.52.52, port 52715, Wednesday, September 22, 2021 17:15:43
[DoS Attack: ACK Scan] from source: 119.90.52.52, port 52713, Wednesday, September 22, 2021 17:15:43
[DoS Attack: WinNuke Attack] from source: 119.90.52.52, port 52712, Wednesday, September 22, 2021 17:15:43
[DoS Attack: NULL Scan] from source: 119.90.52.52, port 52711, Wednesday, September 22, 2021 17:15:43
[DoS Attack: Xmas Tress Scan] from source: 119.90.52.52, port 52716, Wednesday, September 22, 2021 17:15:43
[DoS Attack: ACK Scan] from source: 119.90.52.52, port 52715, Wednesday, September 22, 2021 17:15:43
[DoS Attack: ACK Scan] from source: 119.90.52.52, port 52713, Wednesday, September 22, 2021 17:15:43
[DoS Attack: WinNuke Attack] from source: 119.90.52.52, port 52712, Wednesday, September 22, 2021 17:15:43
[DoS Attack: NULL Scan] from source: 119.90.52.52, port 52711, Wednesday, September 22, 2021 17:15:43
[DoS Attack: Xmas Tress Scan] from source: 119.90.52.52, port 52716, Wednesday, September 22, 2021 17:15:43
[DoS Attack: ACK Scan] from source: 119.90.52.52, port 52715, Wednesday, September 22, 2021 17:15:43
[DoS Attack: ACK Scan] from source: 119.90.52.52, port 52713, Wednesday, September 22, 2021 17:15:43
[DoS Attack: WinNuke Attack] from source: 119.90.52.52, port 52712, Wednesday, September 22, 2021 17:15:43
[DoS Attack: NULL Scan] from source: 119.90.52.52, port 52711, Wednesday, September 22, 2021 17:15:43
[DoS Attack: Xmas Tress Scan] from source: 119.90.52.42, port 39108, Wednesday, September 22, 2021 17:12:12
[DoS Attack: ACK Scan] from source: 119.90.52.42, port 39105, Wednesday, September 22, 2021 17:12:12
[DoS Attack: WinNuke Attack] from source: 119.90.52.42, port 39104, Wednesday, September 22, 2021 17:12:12
[DoS Attack: NULL Scan] from source: 119.90.52.42, port 39103, Wednesday, September 22, 2021 17:12:12
[DoS Attack: Xmas Tress Scan] from source: 119.90.52.42, port 39108, Wednesday, September 22, 2021 17:12:08
[DoS Attack: ACK Scan] from source: 119.90.52.42, port 39107, Wednesday, September 22, 2021 17:12:08
[DoS Attack: ACK Scan] from source: 119.90.52.42, port 39105, Wednesday, September 22, 2021 17:12:08
[DoS Attack: WinNuke Attack] from source: 119.90.52.42, port 39104, Wednesday, September 22, 2021 17:12:08
[DoS Attack: NULL Scan] from source: 119.90.52.42, port 39103, Wednesday, September 22, 2021 17:12:08
[DoS Attack: Xmas Tress Scan] from source: 119.90.52.42, port 39108, Wednesday, September 22, 2021 17:12:08
[DoS Attack: ACK Scan] from source: 119.90.52.42, port 39107, Wednesday, September 22, 2021 17:12:08
[DoS Attack: ACK Scan] from source: 119.90.52.42, port 39105, Wednesday, September 22, 2021 17:12:08
[DoS Attack: WinNuke Attack] from source: 119.90.52.42, port 39104, Wednesday, September 22, 2021 17:12:08
[DoS Attack: NULL Scan] from source: 119.90.52.42, port 39103, Wednesday, September 22, 2021 17:12:08
[DoS Attack: Xmas Tress Scan] from source: 119.90.52.42, port 39108, Wednesday, September 22, 2021 17:12:08
[DoS Attack: ACK Scan] from source: 119.90.52.42, port 39107, Wednesday, September 22, 2021 17:12:08
[DoS Attack: ACK Scan] from source: 119.90.52.42, port 39105, Wednesday, September 22, 2021 17:12:08
[DoS Attack: WinNuke Attack] from source: 119.90.52.42, port 39104, Wednesday, September 22, 2021 17:12:08
[DoS Attack: NULL Scan] from source: 119.90.52.42, port 39103, Wednesday, September 22, 2021 17:12:08
[DoS Attack: Xmas Tress Scan] from source: 119.90.52.42, port 39108, Wednesday, September 22, 2021 17:12:08
[DoS Attack: ACK Scan] from source: 119.90.52.42, port 39107, Wednesday, September 22, 2021 17:12:08
[DoS Attack: ACK Scan] from source: 119.90.52.42, port 39105, Wednesday, September 22, 2021 17:12:08
[DoS Attack: WinNuke Attack] from source: 119.90.52.42, port 39104, Wednesday, September 22, 2021 17:12:08
[DoS Attack: NULL Scan] from source: 119.90.52.42, port 39103, Wednesday, September 22, 2021 17:12:08
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Wednesday, September 22, 2021 17:06:37
[DoS Attack: ACK Scan] from source: 119.90.52.42, port 39086, Wednesday, September 22, 2021 17:06:13
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 17:03:30
[DoS Attack: SYN/ACK Scan] from source: 205.251.242.103, port 443, Wednesday, September 22, 2021 17:02:50
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Wednesday, September 22, 2021 17:02:11
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Wednesday, September 22, 2021 17:01:33
[DoS Attack: ACK Scan] from source: 92.122.165.102, port 443, Wednesday, September 22, 2021 16:55:24
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 16:47:56
[DoS Attack: SYN/ACK Scan] from source: 176.32.103.205, port 443, Wednesday, September 22, 2021 16:35:15
[DoS Attack: RST Scan] from source: 91.191.209.163, port 43200, Wednesday, September 22, 2021 16:27:23
[DoS Attack: RST Scan] from source: 92.63.197.105, port 55135, Wednesday, September 22, 2021 16:26:54
[DoS Attack: SYN/ACK Scan] from source: 162.241.216.182, port 443, Wednesday, September 22, 2021 16:24:31
[DoS Attack: RST Scan] from source: 45.95.147.3, port 59914, Wednesday, September 22, 2021 16:19:28
[DoS Attack: SYN/ACK Scan] from source: 205.251.242.103, port 443, Wednesday, September 22, 2021 16:19:01
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 16:16:05
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 16:09:51
[DoS Attack: ICMP Scan] from source: 146.0.77.38, Wednesday, September 22, 2021 16:03:57
[DoS Attack: ACK Scan] from source: 146.0.77.38, port 48926, Wednesday, September 22, 2021 16:03:57
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Wednesday, September 22, 2021 15:57:40
[DoS Attack: SYN/ACK Scan] from source: 23.54.74.141, port 443, Wednesday, September 22, 2021 15:55:58
[DoS Attack: ACK Scan] from source: 92.122.165.102, port 443, Wednesday, September 22, 2021 15:48:37
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 15:40:41
[DoS Attack: SYN/ACK Scan] from source: 164.132.206.38, port 30120, Wednesday, September 22, 2021 15:36:04
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Wednesday, September 22, 2021 15:25:53
[DoS Attack: SYN/ACK Scan] from source: 176.32.103.205, port 443, Wednesday, September 22, 2021 14:57:50
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 14:53:21
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Wednesday, September 22, 2021 14:43:51
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Wednesday, September 22, 2021 14:25:15
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Wednesday, September 22, 2021 14:01:21
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 13:36:57
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Wednesday, September 22, 2021 13:31:14
[DoS Attack: SYN/ACK Scan] from source: 137.74.95.222, port 80, Wednesday, September 22, 2021 13:21:15
[DoS Attack: SYN/ACK Scan] from source: 205.251.242.103, port 443, Wednesday, September 22, 2021 12:52:25
[DoS Attack: SYN/ACK Scan] from source: 50.236.208.90, port 19810, Wednesday, September 22, 2021 12:47:17
[DoS Attack: SYN/ACK Scan] from source: 50.236.208.90, port 19810, Wednesday, September 22, 2021 12:46:52
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 12:18:59
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 12:12:58
[DoS Attack: SYN/ACK Scan] from source: 95.217.30.172, port 443, Wednesday, September 22, 2021 12:09:21
[DoS Attack: SYN/ACK Scan] from source: 137.74.95.222, port 80, Wednesday, September 22, 2021 11:53:33
[DoS Attack: ACK Scan] from source: 52.97.129.229, port 61052, Wednesday, September 22, 2021 11:51:37
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 11:32:35
[DoS Attack: SYN/ACK Scan] from source: 95.217.30.172, port 443, Wednesday, September 22, 2021 11:31:06
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 11:10:58
[DoS Attack: Xmas Tress Scan] from source: 119.90.42.85, port 63749, Wednesday, September 22, 2021 11:06:16
[DoS Attack: WinNuke Attack] from source: 119.90.42.85, port 63745, Wednesday, September 22, 2021 11:06:16
[DoS Attack: NULL Scan] from source: 119.90.42.85, port 63744, Wednesday, September 22, 2021 11:06:16
[DoS Attack: Xmas Tress Scan] from source: 119.90.42.85, port 63749, Wednesday, September 22, 2021 11:06:15
[DoS Attack: WinNuke Attack] from source: 119.90.42.85, port 63745, Wednesday, September 22, 2021 11:06:15
[DoS Attack: NULL Scan] from source: 119.90.42.85, port 63744, Wednesday, September 22, 2021 11:06:15
[DoS Attack: Xmas Tress Scan] from source: 119.90.42.85, port 63749, Wednesday, September 22, 2021 11:06:14
[DoS Attack: WinNuke Attack] from source: 119.90.42.85, port 63745, Wednesday, September 22, 2021 11:06:14
[DoS Attack: NULL Scan] from source: 119.90.42.85, port 63744, Wednesday, September 22, 2021 11:06:14
[DoS Attack: Xmas Tress Scan] from source: 119.90.42.85, port 63749, Wednesday, September 22, 2021 11:06:13
[DoS Attack: ACK Scan] from source: 119.90.42.85, port 63748, Wednesday, September 22, 2021 11:06:13
[DoS Attack: ACK Scan] from source: 119.90.42.85, port 63746, Wednesday, September 22, 2021 11:06:13
[DoS Attack: WinNuke Attack] from source: 119.90.42.85, port 63745, Wednesday, September 22, 2021 11:06:13
[DoS Attack: NULL Scan] from source: 119.90.42.85, port 63744, Wednesday, September 22, 2021 11:06:13
[DoS Attack: Xmas Tress Scan] from source: 119.90.42.85, port 63749, Wednesday, September 22, 2021 11:06:06
[DoS Attack: ACK Scan] from source: 119.90.42.85, port 63748, Wednesday, September 22, 2021 11:06:06
[DoS Attack: ACK Scan] from source: 119.90.42.85, port 63746, Wednesday, September 22, 2021 11:06:06
[DoS Attack: WinNuke Attack] from source: 119.90.42.85, port 63745, Wednesday, September 22, 2021 11:06:06
[DoS Attack: NULL Scan] from source: 119.90.42.85, port 63744, Wednesday, September 22, 2021 11:06:06
[DoS Attack: Xmas Tress Scan] from source: 119.90.42.85, port 63749, Wednesday, September 22, 2021 11:06:06
[DoS Attack: ACK Scan] from source: 119.90.42.85, port 63748, Wednesday, September 22, 2021 11:06:06
[DoS Attack: ACK Scan] from source: 119.90.42.85, port 63746, Wednesday, September 22, 2021 11:06:06
[DoS Attack: WinNuke Attack] from source: 119.90.42.85, port 63745, Wednesday, September 22, 2021 11:06:06
[DoS Attack: NULL Scan] from source: 119.90.42.85, port 63744, Wednesday, September 22, 2021 11:06:06
[DoS Attack: Xmas Tress Scan] from source: 119.90.42.85, port 63749, Wednesday, September 22, 2021 11:06:06
[DoS Attack: ACK Scan] from source: 119.90.42.85, port 63748, Wednesday, September 22, 2021 11:06:06
[DoS Attack: ACK Scan] from source: 119.90.42.85, port 63746, Wednesday, September 22, 2021 11:06:06
[DoS Attack: WinNuke Attack] from source: 119.90.42.85, port 63745, Wednesday, September 22, 2021 11:06:06
[DoS Attack: NULL Scan] from source: 119.90.42.85, port 63744, Wednesday, September 22, 2021 11:06:06
[DoS Attack: Xmas Tress Scan] from source: 119.90.42.85, port 63749, Wednesday, September 22, 2021 11:06:06
[DoS Attack: ACK Scan] from source: 119.90.42.85, port 63748, Wednesday, September 22, 2021 11:06:06
[DoS Attack: ACK Scan] from source: 119.90.42.85, port 63746, Wednesday, September 22, 2021 11:06:06
[DoS Attack: WinNuke Attack] from source: 119.90.42.85, port 63745, Wednesday, September 22, 2021 11:06:06
[DoS Attack: NULL Scan] from source: 119.90.42.85, port 63744, Wednesday, September 22, 2021 11:06:06
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 11:03:18
[DoS Attack: ACK Scan] from source: 133.218.60.126, port 35940, Wednesday, September 22, 2021 11:02:30
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Wednesday, September 22, 2021 10:26:07
[DoS Attack: SYN/ACK Scan] from source: 54.239.28.85, port 443, Wednesday, September 22, 2021 10:15:44
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 09:47:57
[DoS Attack: SYN/ACK Scan] from source: 137.74.95.222, port 80, Wednesday, September 22, 2021 09:46:11
[DoS Attack: SYN/ACK Scan] from source: 51.222.154.180, port 44406, Wednesday, September 22, 2021 09:33:29
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Wednesday, September 22, 2021 09:32:01
[DoS Attack: SYN/ACK Scan] from source: 2.16.75.200, port 443, Wednesday, September 22, 2021 09:29:42
[DoS Attack: SYN/ACK Scan] from source: 51.222.154.180, port 44406, Wednesday, September 22, 2021 09:23:27
[DoS Attack: TCP/UDP Chargen] from source: 184.105.139.81, port 51094, Wednesday, September 22, 2021 09:04:18
[DoS Attack: SYN/ACK Scan] from source: 81.176.176.156, port 25565, Wednesday, September 22, 2021 09:00:42
[DoS Attack: ACK Scan] from source: 84.53.169.133, port 443, Wednesday, September 22, 2021 08:55:57
[DoS Attack: SYN/ACK Scan] from source: 137.74.95.222, port 80, Wednesday, September 22, 2021 08:20:06
[DoS Attack: SYN/ACK Scan] from source: 37.157.254.239, port 443, Wednesday, September 22, 2021 07:50:12
[DoS Attack: SYN/ACK Scan] from source: 54.239.28.85, port 443, Wednesday, September 22, 2021 07:47:16
[DoS Attack: SYN/ACK Scan] from source: 23.54.74.141, port 443, Wednesday, September 22, 2021 07:42:27
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 07:37:47
[DoS Attack: SYN/ACK Scan] from source: 23.54.74.141, port 443, Wednesday, September 22, 2021 07:29:35
[DoS Attack: SYN/ACK Scan] from source: 205.251.242.103, port 443, Wednesday, September 22, 2021 07:17:07
[DoS Attack: SYN/ACK Scan] from source: 54.239.28.85, port 443, Wednesday, September 22, 2021 06:29:29
[DoS Attack: SYN/ACK Scan] from source: 51.81.164.65, port 22, Wednesday, September 22, 2021 06:23:58
[DoS Attack: ACK Scan] from source: 84.53.169.133, port 443, Wednesday, September 22, 2021 06:16:07
[DoS Attack: SYN/ACK Scan] from source: 104.82.149.182, port 443, Wednesday, September 22, 2021 05:53:06
[DoS Attack: SYN/ACK Scan] from source: 205.251.242.103, port 443, Wednesday, September 22, 2021 05:50:46
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 05:48:05
[DoS Attack: SYN/ACK Scan] from source: 137.74.95.222, port 80, Wednesday, September 22, 2021 05:38:34
[DoS Attack: SYN/ACK Scan] from source: 104.82.149.182, port 443, Wednesday, September 22, 2021 05:32:20
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Wednesday, September 22, 2021 05:27:23
[DoS Attack: SYN/ACK Scan] from source: 137.74.95.222, port 80, Wednesday, September 22, 2021 05:23:36
[DoS Attack: SYN/ACK Scan] from source: 176.32.103.205, port 443, Wednesday, September 22, 2021 05:19:05
[DoS Attack: SYN/ACK Scan] from source: 137.74.95.222, port 80, Wednesday, September 22, 2021 05:14:53
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 04:56:57
[DoS Attack: SYN/ACK Scan] from source: 104.82.149.182, port 443, Wednesday, September 22, 2021 04:51:46
[DoS Attack: SYN/ACK Scan] from source: 205.251.242.103, port 443, Wednesday, September 22, 2021 04:37:41
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 04:37:16
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Wednesday, September 22, 2021 04:35:32
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 04:34:35
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Wednesday, September 22, 2021 04:33:20
[DoS Attack: SYN/ACK Scan] from source: 205.251.242.103, port 443, Wednesday, September 22, 2021 04:26:15
This is unlikely to be as fast as the delimiter method, but I like regex for this.
For single files:
do shell script "echo " & my (read (choose file))'s quoted form & " | egrep -o '(\\d{1,3}[.]?){4}' | sort -h | uniq >> " & ((path to desktop as text) & "IP.txt")'s POSIX path's quoted form
As a drop for multiple plain text files:
on open theFiles
set whatever to {}
repeat with aFile in theFiles
set whatever's end to aFile's POSIX path's quoted form & space
end repeat
do shell script "cat " & whatever & " | egrep -o '(\\d{1,3}[.]*\\d{1,3}){3}' | sort -h | uniq > " & ((path to desktop folder as text)'s POSIX path & "/IP.txt")'s quoted form
end open
I get the same result with wch1zpink’s script, which I believe arises from an inconsistent number of spaces before the IP address in the text in post 19. For example:
set lineOne to "[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Wednesday, September 22, 2021 23:33:56"
set theResult to do shell script "echo " & quoted form of lineOne & " | cut -d' ' -f7"
--> 95.217.31.46,
set lineTwo to "[DoS Attack: Xmas Tress Scan] from source: 119.90.42.87, port 52921, Wednesday, September 22, 2021 23:21:25"
set theResult to do shell script "echo " & quoted form of lineTwo & " | cut -d' ' -f7"
--> source:
The problem is masked in part by the uniq command. Also, it appears that the text in post 1 has a consistent number of spaces before the IP address, which may explain the differing results.
property stripText : " | cut -d' ' -f7 | tr -d ',' | egrep -v 'source' | sort -n | uniq"
on open of theFiles -- Handles single or multiple dropped files
repeat with aFile in theFiles
tell application "Finder" to set sourceFilePath to container of aFile as alias
set cleanedText to do shell script "cat " & ¬
quoted form of POSIX path of aFile & stripText
do shell script "echo " & quoted form of cleanedText & " >> " & ¬
quoted form of POSIX path of sourceFilePath & "Cleaned_IPs.txt"
do shell script "sort -n | uniq " & quoted form of ¬
POSIX path of sourceFilePath & "Cleaned_IPs.txt" & ¬
" | pbcopy -pboard ruler ; pbpaste -pboard ruler > " & ¬
quoted form of POSIX path of sourceFilePath & "Cleaned_IPs.txt"
end repeat
end open
I only have a passing familiarity with regex and no experience with its use with ASObjC, and I thought writing a script utilizing these might be a good learning experience. The timing test result was 65 milliseconds, which is only respectable, but the script should be reliable. The basic ASObjC regex code was from Shane’s book.
use framework "Foundation"
use scripting additions
on open theDroppedItems
set theFile to POSIX path of item 1 of theDroppedItems
set theIPFile to getFileName(theFile)
set theText to (current application's NSString's stringWithContentsOfFile:theFile encoding:(current application's NSUTF8StringEncoding) |error|:(missing value))
set theIPData to getIPData(theText)
(current application's NSString's stringWithString:theIPData)'s writeToFile:theIPFile atomically:true encoding:(current application's NSUTF8StringEncoding) |error|:(missing value)
end open
on getIPData(theText)
set regExPattern to "(\\d{1,3}\\.){3}\\d{1,3}"
set theRegEx to current application's NSRegularExpression's regularExpressionWithPattern:regExPattern options:0 |error|:(missing value)
set regExMatches to theRegEx's matchesInString:theText options:0 range:{location:0, |length|:theText's |length|()}
set ipList to {}
repeat with anItem in regExMatches
set end of ipList to (theText's substringWithRange:(anItem's range())) as text
end repeat
set ipSet to current application's NSOrderedSet's orderedSetWithArray:ipList
set ipSortedArray to ipSet's array()'s sortedArrayUsingSelector:"localizedStandardCompare:"
return ((ipSortedArray's componentsJoinedByString:linefeed) as text)
end getIPData
on getFileName(theFile)
set theFile to current application's NSString's stringWithString:theFile
set fileBase to theFile's stringByDeletingPathExtension()
set fileExtension to theFile's pathExtension()
return ((fileBase's stringByAppendingString:"_IP")'s stringByAppendingPathExtension:fileExtension)
end getFileName
property stripText : " | cut -d' ' -f7 | tr -d ',' | egrep -v 'source'"
property logFileName : "Logged IPs.txt"
on open of theFiles -- Handles single or multiple dropped files
set oldClipboard to the clipboard
repeat with aFile in theFiles
tell application "Finder" to set sourceFilePath to container of aFile as alias
set cleanedText to do shell script "cat " & ¬
quoted form of POSIX path of aFile & stripText
do shell script "echo -n " & quoted form of cleanedText & " >> " & ¬
quoted form of POSIX path of sourceFilePath & quoted form of logFileName
end repeat
set AppleScript's text item delimiters to linefeed
set theContentWords to words of ¬
(read POSIX path of sourceFilePath & logFileName) as text
set the clipboard to theContentWords
do shell script "pbpaste | sort -n | uniq > " & ¬
quoted form of POSIX path of sourceFilePath & quoted form of logFileName
set the clipboard to oldClipboard
end open
As per previous post, I’ve been on holiday. Just tried this out on:
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 23:54:51
[DoS Attack: SYN/ACK Scan] from source: 213.5.229.18, port 3306, Saturday, September 25, 2021 23:14:09
[DoS Attack: SYN/ACK Scan] from source: 23.234.229.19, port 80, Saturday, September 25, 2021 23:06:51
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 23:04:37
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 23:04:35
[DoS Attack: SYN/ACK Scan] from source: 35.186.220.63, port 80, Saturday, September 25, 2021 22:48:11
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 22:40:32
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 22:04:26
[DoS Attack: SYN/ACK Scan] from source: 104.82.149.182, port 443, Saturday, September 25, 2021 21:31:44
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 21:04:35
[DoS Attack: SYN/ACK Scan] from source: 213.186.33.2, port 443, Saturday, September 25, 2021 21:03:42
[DoS Attack: RST Scan] from source: 177.234.152.194, port 7172, Saturday, September 25, 2021 20:40:06
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 20:37:54
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 20:32:18
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 20:21:40
[DoS Attack: TCP/UDP Chargen] from source: 185.94.111.1, port 39702, Saturday, September 25, 2021 20:13:36
[DoS Attack: SYN/ACK Scan] from source: 192.124.249.107, port 443, Saturday, September 25, 2021 20:02:23
[DoS Attack: SYN/ACK Scan] from source: 198.23.200.243, port 80, Saturday, September 25, 2021 19:55:25
[DoS Attack: SYN/ACK Scan] from source: 192.124.249.107, port 443, Saturday, September 25, 2021 19:54:22
[DoS Attack: SYN/ACK Scan] from source: 23.234.229.19, port 80, Saturday, September 25, 2021 19:22:39
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 19:13:39
[DoS Attack: SYN/ACK Scan] from source: 204.74.99.100, port 80, Saturday, September 25, 2021 19:11:08
[DoS Attack: SYN/ACK Scan] from source: 192.124.249.107, port 443, Saturday, September 25, 2021 19:08:48
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 19:00:24
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 18:43:43
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 18:40:48
[DoS Attack: RST Scan] from source: 52.113.194.133, port 80, Saturday, September 25, 2021 18:38:02
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 18:36:19
[DoS Attack: SYN/ACK Scan] from source: 2.16.75.200, port 443, Saturday, September 25, 2021 18:35:17
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 18:30:39
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 18:28:35
[DoS Attack: SYN/ACK Scan] from source: 192.124.249.107, port 443, Saturday, September 25, 2021 18:21:14
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 18:13:02
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 18:07:35
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 17:58:44
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 17:44:24
[DoS Attack: ACK Scan] from source: 79.174.70.178, port 443, Saturday, September 25, 2021 17:38:10
[DoS Attack: ACK Scan] from source: 79.174.70.178, port 443, Saturday, September 25, 2021 17:26:02
[DoS Attack: SYN/ACK Scan] from source: 95.217.83.105, port 25565, Saturday, September 25, 2021 17:20:48
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 17:07:14
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 16:40:03
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 16:39:38
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 16:39:31
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 16:39:20
[DoS Attack: ACK Scan] from source: 79.174.70.178, port 443, Saturday, September 25, 2021 16:36:36
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 16:29:50
[DoS Attack: ACK Scan] from source: 45.85.218.56, port 80, Saturday, September 25, 2021 16:20:26
[DoS Attack: ACK Scan] from source: 45.85.218.56, port 80, Saturday, September 25, 2021 16:20:20
[DoS Attack: ACK Scan] from source: 79.174.70.178, port 443, Saturday, September 25, 2021 16:12:32
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 16:09:27
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 15:24:34
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 14:57:55
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 14:04:37
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 13:44:11
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 13:11:19
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 12:48:06
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 12:11:35
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 11:54:58
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 10:54:20
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 10:54:03
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 10:40:16
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 10:32:38
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 10:28:51
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 09:46:08
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 09:13:35
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 09:08:57
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 08:56:27
[DoS Attack: UDP Port Scan] from source: 103.145.13.56, port 5261, Saturday, September 25, 2021 08:36:32
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 08:29:44
[DoS Attack: SYN/ACK Scan] from source: 95.217.30.172, port 443, Saturday, September 25, 2021 08:23:29
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 08:05:04
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 07:50:01
[DoS Attack: SYN/ACK Scan] from source: 104.21.192.109, port 80, Saturday, September 25, 2021 07:48:14
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 07:16:36
[DoS Attack: TCP/UDP Chargen] from source: 184.105.139.77, port 54424, Saturday, September 25, 2021 07:05:27
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 06:59:32
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 06:52:48
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 06:42:45
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 06:37:06
[DoS Attack: RST Scan] from source: 204.79.197.222, port 80, Saturday, September 25, 2021 06:32:15
[DoS Attack: SYN/ACK Scan] from source: 204.79.197.222, port 80, Saturday, September 25, 2021 06:32:12
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 06:23:17
[DoS Attack: SYN/ACK Scan] from source: 95.217.30.172, port 443, Saturday, September 25, 2021 05:46:50
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 05:40:09
[DoS Attack: UDP Port Scan] from source: 111.40.50.89, port 17075, Saturday, September 25, 2021 05:24:32
[DoS Attack: UDP Port Scan] from source: 111.40.50.89, port 15957, Saturday, September 25, 2021 05:24:31
[DoS Attack: RST Scan] from source: 139.59.228.97, port 80, Saturday, September 25, 2021 05:14:42
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 04:57:56
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 04:33:30
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 04:05:57
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 03:30:20
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 03:23:12
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 02:40:43
[DoS Attack: SYN/ACK Scan] from source: 144.172.73.16, port 22, Saturday, September 25, 2021 01:39:05
[DoS Attack: SYN/ACK Scan] from source: 144.172.73.16, port 22, Saturday, September 25, 2021 01:36:07
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Saturday, September 25, 2021 01:31:12
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 01:24:03
[DoS Attack: SYN/ACK Scan] from source: 54.36.218.102, port 22, Saturday, September 25, 2021 01:21:43
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 01:21:37
[DoS Attack: SYN/ACK Scan] from source: 95.217.30.172, port 443, Saturday, September 25, 2021 01:17:34
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 01:13:03
[DoS Attack: SYN/ACK Scan] from source: 88.99.208.125, port 25565, Saturday, September 25, 2021 01:12:17
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Saturday, September 25, 2021 01:05:32
[DoS Attack: SYN/ACK Scan] from source: 134.255.220.82, port 30120, Saturday, September 25, 2021 00:41:11
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Saturday, September 25, 2021 00:34:05
[DoS Attack: SYN/ACK Scan] from source: 93.114.82.3, port 13901, Saturday, September 25, 2021 00:27:37
[DoS Attack: SYN/ACK Scan] from source: 185.19.216.119, port 8081, Saturday, September 25, 2021 00:26:52
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Saturday, September 25, 2021 00:24:40
[DoS Attack: SYN/ACK Scan] from source: 88.99.213.221, port 80, Saturday, September 25, 2021 00:16:35
[DoS Attack: ACK Scan] from source: 84.53.169.133, port 443, Saturday, September 25, 2021 00:11:21
[DoS Attack: RST Scan] from source: 23.148.145.7, port 44086, Friday, September 24, 2021 23:57:06
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Friday, September 24, 2021 23:52:19
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 23:52:18
[DoS Attack: RST Scan] from source: 216.250.254.67, port 43676, Friday, September 24, 2021 23:48:08
[DoS Attack: RST Scan] from source: 23.148.145.233, port 47220, Friday, September 24, 2021 23:40:56
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Friday, September 24, 2021 23:24:19
[DoS Attack: RST Scan] from source: 216.250.254.67, port 41821, Friday, September 24, 2021 23:19:58
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Friday, September 24, 2021 23:10:58
[DoS Attack: TCP/UDP Echo] from source: 141.212.123.208, port 45054, Friday, September 24, 2021 23:04:17
[DoS Attack: ACK Scan] from source: 146.0.16.243, port 80, Friday, September 24, 2021 22:33:16
[DoS Attack: SYN/ACK Scan] from source: 88.99.213.221, port 80, Friday, September 24, 2021 22:26:02
[DoS Attack: ACK Scan] from source: 104.96.80.41, port 443, Friday, September 24, 2021 22:22:20
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 22:13:15
[DoS Attack: SYN/ACK Scan] from source: 88.99.213.221, port 80, Friday, September 24, 2021 22:04:41
[DoS Attack: SYN/ACK Scan] from source: 95.217.30.172, port 443, Friday, September 24, 2021 22:02:10
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Friday, September 24, 2021 21:44:54
[DoS Attack: RST Scan] from source: 45.234.96.30, port 21674, Friday, September 24, 2021 20:35:06
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Friday, September 24, 2021 20:26:29
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Friday, September 24, 2021 20:04:23
[DoS Attack: SYN/ACK Scan] from source: 46.105.114.88, port 25565, Friday, September 24, 2021 19:48:20
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 19:46:03
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 19:20:10
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Friday, September 24, 2021 18:59:23
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Friday, September 24, 2021 18:50:45
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Friday, September 24, 2021 18:50:13
[DoS Attack: ACK Scan] from source: 73.4.169.252, port 9000, Friday, September 24, 2021 18:44:58
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Friday, September 24, 2021 18:42:36
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 18:38:06
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Friday, September 24, 2021 18:23:07
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 18:12:08
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 17:54:05
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Friday, September 24, 2021 17:41:24
[DoS Attack: ACK Scan] from source: 104.96.80.41, port 443, Friday, September 24, 2021 17:31:45
[DoS Attack: ACK Scan] from source: 104.96.80.41, port 443, Friday, September 24, 2021 17:31:05
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 17:18:46
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Friday, September 24, 2021 17:02:44
[DoS Attack: SYN/ACK Scan] from source: 162.241.216.182, port 443, Friday, September 24, 2021 17:00:41
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Friday, September 24, 2021 16:55:59
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 16:41:05
[DoS Attack: ACK Scan] from source: 73.4.169.252, port 9000, Friday, September 24, 2021 16:38:34
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Friday, September 24, 2021 16:38:02
[DoS Attack: SYN/ACK Scan] from source: 178.254.210.57, port 80, Friday, September 24, 2021 16:36:34
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Friday, September 24, 2021 16:26:07
[DoS Attack: SYN/ACK Scan] from source: 168.119.232.76, port 443, Friday, September 24, 2021 15:58:49
[DoS Attack: SYN/ACK Scan] from source: 172.217.194.153, port 443, Friday, September 24, 2021 15:54:37
[DoS Attack: TCP/UDP Chargen] from source: 176.126.175.215, port 58284, Friday, September 24, 2021 15:52:18
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 15:49:31
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 15:31:34
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Friday, September 24, 2021 15:06:11
[DoS Attack: SYN/ACK Scan] from source: 95.217.31.46, port 443, Friday, September 24, 2021 15:04:20
[DoS Attack: SYN/ACK Scan] from source: 88.99.189.158, port 443, Friday, September 24, 2021 14:50:56
[DoS Attack: SYN/ACK Scan] from source: 167.233.9.51, port 80, Friday, September 24, 2021 14:48:54
[DoS Attack: RST Scan] from source: 34.120.67.236, port 443, Friday, September 24, 2021 14:45:21
[DoS Attack: SYN/ACK Scan] from source: 95.217.30.172, port 443, Friday, September 24, 2021 14:38:58
[DoS Attack: RST Scan] from source: 62.171.140.77, port 8000, Friday, September 24, 2021 14:37:36
[DoS Attack: ARP Attack] from source: 192.168.1.66, Friday, September 24, 2021 14:35:32
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:35:29
[DoS Attack: ARP Attack] from source: 192.168.1.64, Friday, September 24, 2021 14:35:28
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:35:26
[DoS Attack: ARP Attack] from source: 192.168.1.66, Friday, September 24, 2021 14:35:25
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:35:24
[DoS Attack: ARP Attack] from source: 192.168.1.80, Friday, September 24, 2021 14:35:23
[DoS Attack: ARP Attack] from source: 192.168.1.71, Friday, September 24, 2021 14:35:22
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:35:19
[DoS Attack: ARP Attack] from source: 169.254.141.163, Friday, September 24, 2021 14:35:14
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:35:13
[DoS Attack: ARP Attack] from source: 192.168.1.80, Friday, September 24, 2021 14:35:12
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:35:11
[DoS Attack: ARP Attack] from source: 169.254.141.163, Friday, September 24, 2021 14:35:09
[DoS Attack: ARP Attack] from source: 192.168.1.80, Friday, September 24, 2021 14:35:08
[DoS Attack: ARP Attack] from source: 192.168.1.74, Friday, September 24, 2021 14:35:04
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:35:04
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:34:53
[DoS Attack: ARP Attack] from source: 192.168.1.64, Friday, September 24, 2021 14:34:52
[DoS Attack: ARP Attack] from source: 192.168.1.200, Friday, September 24, 2021 14:34:51
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:34:49
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:34:44
[DoS Attack: ARP Attack] from source: 192.168.1.64, Friday, September 24, 2021 14:34:43
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:34:32
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:34:31
[DoS Attack: ARP Attack] from source: 192.168.1.250, Friday, September 24, 2021 14:34:30
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:34:24
[DoS Attack: ARP Attack] from source: 192.168.1.3, Friday, September 24, 2021 14:34:23
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:34:22
[DoS Attack: ARP Attack] from source: 192.168.1.200, Friday, September 24, 2021 14:34:21
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:34:19
[DoS Attack: ARP Attack] from source: 192.168.1.64, Friday, September 24, 2021 14:34:18
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:34:11
[DoS Attack: ARP Attack] from source: 192.168.1.64, Friday, September 24, 2021 14:34:10
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:34:09
[DoS Attack: ARP Attack] from source: 192.168.1.64, Friday, September 24, 2021 14:34:08
[DoS Attack: ARP Attack] from source: 192.168.1.121, Friday, September 24, 2021 14:34:04
[DoS Attack: ARP Attack] from source: 192.168.1.67, Friday, September 24, 2021 14:34:02
[DoS Attack: ARP Attack] from source: 192.168.1.64, Friday, September 24, 2021 14:34:01
[DoS Attack: ARP Attack] from source: 192.168.1.67, Friday, September 24, 2021 14:34:00
[DoS Attack: ARP Attack] from source: 192.168.1.64, Friday, September 24, 2021 14:33:59
[DoS Attack: ARP Attack] from source: 192.168.1.67, Friday, September 24, 2021 14:33:56
[DoS Attack: ARP Attack] from source: 192.168.1.64, Friday, September 24, 2021 14:33:54
[DoS Attack: ARP Attack] from source: 192.168.1.75, Friday, September 24, 2021 14:33:53
[DoS Attack: RST Scan] from source: 104.82.149.182, port 443, Friday, September 24, 2021 14:33:31
Worked great but left a stray ‘n’ on the first line of the output, i.e.
Just needed to remove the “-n” option from the “echo” command.
property stripText : " | cut -d' ' -f7 | tr -d ',' | egrep -v 'source'"
property logFileName : "Logged IPs.txt"
on open of theFiles -- Handles single or multiple dropped files
set oldClipboard to the clipboard
repeat with aFile in theFiles
tell application "Finder" to set sourceFilePath to container of aFile as alias
set cleanedText to do shell script "cat " & ¬
quoted form of POSIX path of aFile & stripText
do shell script "echo " & quoted form of cleanedText & " >> " & ¬
quoted form of POSIX path of sourceFilePath & quoted form of logFileName
end repeat
set AppleScript's text item delimiters to linefeed
set theContentWords to words of ¬
(read POSIX path of sourceFilePath & logFileName) as text
set the clipboard to theContentWords
do shell script "pbpaste | sort -n | uniq > " & ¬
quoted form of POSIX path of sourceFilePath & quoted form of logFileName
set the clipboard to oldClipboard
end open