1 SET FOREIGN_KEY_CHECKS=0;
2 SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
3 SET time_zone = "+00:00";
5 /*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
6 /*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
7 /*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
8 /*!40101 SET NAMES utf8 */;
11 DROP TABLE IF EXISTS `ctracker_config`;
12 CREATE TABLE IF NOT EXISTS `ctracker_config` (
13 `ctracker_config` bigint(20) unsigned NOT NULL AUTO_INCREMENT,
14 `ctracker_db_version` bigint(20) unsigned NOT NULL DEFAULT '0',
15 `ctracker_min_sleep` smallint(5) unsigned NOT NULL DEFAULT '10',
16 `ctracker_max_sleep` smallint(5) unsigned NOT NULL DEFAULT '30',
17 `ctracker_alert_user` enum('Y','N') NOT NULL DEFAULT 'Y',
18 `ctracker_language` char(2) NOT NULL DEFAULT 'en',
19 PRIMARY KEY (`ctracker_config`)
20 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
22 INSERT INTO `ctracker_config` (`ctracker_config`, `ctracker_db_version`, `ctracker_min_sleep`, `ctracker_max_sleep`, `ctracker_alert_user`, `ctracker_language`) VALUES
23 (1, 7, 10, 30, 'Y', 'en');
25 DROP TABLE IF EXISTS `ctracker_data`;
26 CREATE TABLE IF NOT EXISTS `ctracker_data` (
27 `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT 'Running id number',
28 `remote_addr` varchar(15) NOT NULL COMMENT 'Remote address',
29 `proxy_addr` varchar(15) DEFAULT NULL COMMENT 'Detected IP behind proxy',
30 `user_agent` tinytext NOT NULL COMMENT 'User agent string',
31 `get_data` tinytext NOT NULL COMMENT 'Serialized GET data',
32 `post_data` tinytext NOT NULL COMMENT 'Serialized POST data',
33 `check_worm` tinytext NOT NULL COMMENT 'Serialized GET data',
34 `check_post` tinytext NOT NULL COMMENT 'Serialized GET data',
35 `server_name` tinytext COMMENT 'Server''s host name',
36 `script_name` varchar(255) DEFAULT NULL COMMENT 'Full script name',
37 `referer` varchar(255) NOT NULL COMMENT 'Referer',
38 `request_method` varchar(255) DEFAULT NULL COMMENT 'HTTP request method',
39 `proxy_used` enum('Y','N') NOT NULL DEFAULT 'N' COMMENT 'Proxy used?',
40 `first_attempt` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00' COMMENT 'First attempt',
41 `last_attempt` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT 'Last attempt',
42 `count` bigint(20) unsigned NOT NULL DEFAULT '1' COMMENT 'Counter',
44 KEY `remote_addr` (`remote_addr`),
45 KEY `remote_proxy_last` (`remote_addr`,`proxy_addr`),
46 KEY `request_method` (`request_method`),
48 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 ROW_FORMAT=COMPACT COMMENT='Gathered data of attack';
50 DROP TABLE IF EXISTS `ctracker_ticket`;
51 CREATE TABLE IF NOT EXISTS `ctracker_ticket` (
52 `ctracker_ticket` bigint(20) unsigned NOT NULL AUTO_INCREMENT,
53 `ctracker_ticket_remote_addr` varchar(15) NOT NULL,
54 `ctracker_ticket_user_agent` tinytext NOT NULL,
55 `ctracker_ticket_name` varchar(255) NOT NULL,
56 `ctracker_ticket_email` varchar(255) NOT NULL,
57 `ctracker_ticket_comment` tinytext NOT NULL,
58 `ctracker_ticket_proxy_addr` varchar(15) DEFAULT NULL,
59 PRIMARY KEY (`ctracker_ticket`),
60 UNIQUE KEY `ctracker_ticket_remote_addr` (`ctracker_ticket_remote_addr`)
61 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
63 DROP TABLE IF EXISTS `ctracker_ticket_data`;
64 CREATE TABLE IF NOT EXISTS `ctracker_ticket_data` (
65 `ctracker_ticket_data_id` bigint(20) unsigned NOT NULL AUTO_INCREMENT,
66 `ctracker_ticket_id` bigint(20) unsigned NOT NULL DEFAULT '0',
67 `ctracker_data_id` bigint(20) unsigned NOT NULL DEFAULT '0',
68 PRIMARY KEY (`ctracker_ticket_data_id`),
69 UNIQUE KEY `ctracker_ticket_data` (`ctracker_ticket_id`,`ctracker_data_id`),
70 KEY `ctracker_data_id` (`ctracker_data_id`)
71 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
72 DROP VIEW IF EXISTS `view_attack_distribution`;
73 CREATE TABLE IF NOT EXISTS `view_attack_distribution` (
75 ,`remote_addr` varchar(15)
76 );DROP VIEW IF EXISTS `view_most_attacked_domains`;
77 CREATE TABLE IF NOT EXISTS `view_most_attacked_domains` (
79 ,`server_name` tinytext
80 );DROP VIEW IF EXISTS `view_most_attacked_scripts`;
81 CREATE TABLE IF NOT EXISTS `view_most_attacked_scripts` (
83 ,`script_name` varchar(255)
84 );DROP VIEW IF EXISTS `view_most_attacking_agents`;
85 CREATE TABLE IF NOT EXISTS `view_most_attacking_agents` (
87 ,`user_agent` tinytext
88 );DROP VIEW IF EXISTS `view_proxy_addresses`;
89 CREATE TABLE IF NOT EXISTS `view_proxy_addresses` (
90 `remote_addr` varchar(15)
91 ,`proxy_addr` varchar(15)
92 );DROP VIEW IF EXISTS `view_proxy_attackers`;
93 CREATE TABLE IF NOT EXISTS `view_proxy_attackers` (
95 ,`has_used_proxy` enum('Y','N')
96 );DROP VIEW IF EXISTS `view_proxy_ip_usage`;
97 CREATE TABLE IF NOT EXISTS `view_proxy_ip_usage` (
98 `total_proxy_ips` decimal(42,0)
99 ,`distinct_proxy_ips` bigint(21)
100 );DROP VIEW IF EXISTS `view_spreaded_attacks`;
101 CREATE TABLE IF NOT EXISTS `view_spreaded_attacks` (
102 `time_diff` bigint(11)
103 ,`id` bigint(20) unsigned
104 ,`remote_addr` varchar(15)
105 ,`user_agent` tinytext
106 ,`server_name` tinytext
108 ,`check_worm` tinytext
109 ,`proxy_used` enum('Y','N')
110 ,`first_attempt` timestamp
111 ,`last_attempt` timestamp
112 ,`count` bigint(20) unsigned
113 );DROP VIEW IF EXISTS `view_total_attacks`;
114 CREATE TABLE IF NOT EXISTS `view_total_attacks` (
115 `total_attacks` decimal(42,0)
116 ,`distinct_attacks` bigint(21)
117 ,`max_attack_repeat` bigint(20) unsigned
118 );DROP TABLE IF EXISTS `view_attack_distribution`;
120 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `view_attack_distribution` AS select count(0) AS `Rows`,`ctracker_data`.`remote_addr` AS `remote_addr` from `ctracker_data` group by `ctracker_data`.`remote_addr` order by count(0) desc;
121 DROP TABLE IF EXISTS `view_most_attacked_domains`;
123 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `view_most_attacked_domains` AS select count(0) AS `Rows`,`ctracker_data`.`server_name` AS `server_name` from `ctracker_data` group by `ctracker_data`.`server_name` order by count(0) desc;
124 DROP TABLE IF EXISTS `view_most_attacked_scripts`;
126 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `view_most_attacked_scripts` AS select count(0) AS `Rows`,`ctracker_data`.`script_name` AS `script_name` from `ctracker_data` group by `ctracker_data`.`script_name` order by count(0) desc;
127 DROP TABLE IF EXISTS `view_most_attacking_agents`;
129 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `view_most_attacking_agents` AS select count(0) AS `Rows`,`ctracker_data`.`user_agent` AS `user_agent` from `ctracker_data` group by `ctracker_data`.`user_agent` order by count(0) desc;
130 DROP TABLE IF EXISTS `view_proxy_addresses`;
132 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `view_proxy_addresses` AS select distinct `ctracker_data`.`remote_addr` AS `remote_addr`,`ctracker_data`.`proxy_addr` AS `proxy_addr` from `ctracker_data` where (`ctracker_data`.`remote_addr` <> `ctracker_data`.`proxy_addr`) order by `ctracker_data`.`remote_addr` limit 1;
133 DROP TABLE IF EXISTS `view_proxy_attackers`;
135 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `view_proxy_attackers` AS select count(0) AS `Rows`,`ctracker_data`.`proxy_used` AS `has_used_proxy` from `ctracker_data` group by `ctracker_data`.`proxy_used` order by `ctracker_data`.`proxy_used`;
136 DROP TABLE IF EXISTS `view_proxy_ip_usage`;
138 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `view_proxy_ip_usage` AS select sum(`ctracker_data`.`count`) AS `total_proxy_ips`,count(`ctracker_data`.`id`) AS `distinct_proxy_ips` from `ctracker_data` where (`ctracker_data`.`remote_addr` <> `ctracker_data`.`proxy_addr`);
139 DROP TABLE IF EXISTS `view_spreaded_attacks`;
141 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `view_spreaded_attacks` AS select (unix_timestamp(`ctracker_data`.`last_attempt`) - unix_timestamp(`ctracker_data`.`first_attempt`)) AS `time_diff`,`ctracker_data`.`id` AS `id`,`ctracker_data`.`remote_addr` AS `remote_addr`,`ctracker_data`.`user_agent` AS `user_agent`,`ctracker_data`.`server_name` AS `server_name`,`ctracker_data`.`get_data` AS `get_data`,`ctracker_data`.`check_worm` AS `check_worm`,`ctracker_data`.`proxy_used` AS `proxy_used`,`ctracker_data`.`first_attempt` AS `first_attempt`,`ctracker_data`.`last_attempt` AS `last_attempt`,`ctracker_data`.`count` AS `count` from `ctracker_data` group by `ctracker_data`.`remote_addr` order by (unix_timestamp(`ctracker_data`.`last_attempt`) - unix_timestamp(`ctracker_data`.`first_attempt`)) desc;
142 DROP TABLE IF EXISTS `view_total_attacks`;
144 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `view_total_attacks` AS select sum(`ctracker_data`.`count`) AS `total_attacks`,count(`ctracker_data`.`id`) AS `distinct_attacks`,max(`ctracker_data`.`count`) AS `max_attack_repeat` from `ctracker_data` limit 1;
147 ALTER TABLE `ctracker_ticket_data`
148 ADD CONSTRAINT `ctracker_ticket_data_ibfk_1` FOREIGN KEY (`ctracker_ticket_id`) REFERENCES `ctracker_ticket` (`ctracker_ticket`) ON DELETE CASCADE,
149 ADD CONSTRAINT `ctracker_ticket_data_ibfk_2` FOREIGN KEY (`ctracker_data_id`) REFERENCES `ctracker_data` (`id`) ON DELETE CASCADE;
150 SET FOREIGN_KEY_CHECKS=1;
152 /*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
153 /*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
154 /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;