读取系统"安全"日志中的失败登录尝试 + 添加攻击者IP到防火墙策略

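    ''' <summary>
    ''' Scans the local "Security" event log for failed-logon events (ID 4625) and appends one
    ''' line per event to txtIPList in the form: time TAB account name TAB source address.
    ''' </summary>
    ''' <remarks>
    ''' Reading the Security log normally requires an elevated process; any exception raised by
    ''' the log API is allowed to propagate. The form title shows progress and is always reset.
    ''' The account name is text chosen by whoever attempted the logon, so treat the lines
    ''' written here as untrusted display data, not as firewall input.
    ''' </remarks>
    Private Sub btnRead_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnRead.Click
        Const FailedLogonEventId As Long = 4625
        ' Positions inside the 4625 event's insertion strings: 5 = target account name,
        ' 19 = source network address.
        Const AccountNameIndex As Integer = 5
        Const SourceAddressIndex As Integer = 19

        Try
            ' Open the Security log directly and dispose of the handle when finished.
            Using securityLog As New EventLog("Security")
                Dim total As Integer = securityLog.Entries.Count
                Dim position As Integer = 0

                For Each entry As EventLogEntry In securityLog.Entries
                    position += 1
                    Me.Text = position & "/" & total

                    If entry.InstanceId <> FailedLogonEventId Then Continue For

                    ' Guard against a record with fewer fields than expected; indexing past
                    ' the end would abort the whole scan.
                    Dim fields() As String = entry.ReplacementStrings
                    If fields Is Nothing OrElse fields.Length <= SourceAddressIndex Then Continue For

                    txtIPList.AppendText(entry.TimeGenerated & vbTab & fields(AccountNameIndex) & vbTab & fields(SourceAddressIndex) & vbCrLf)
                Next
            End Using
        Finally
            ' Restore the title even when the scan fails part-way through.
            Me.Text = "EventReader"
        End Try
    End Sub

    ''' <summary>
    ''' Adds the addresses listed in txtIPList to the remote-address list of the firewall rule
    ''' named "DENY_LOGIN_ATTEMPT" (for the currently active profile) and shows the resulting
    ''' list in txtResult.
    ''' </summary>
    ''' <remarks>
    ''' Only well-formed single IP addresses are sent to the firewall; see
    ''' ExtractBlockableAddresses. Changing firewall rules normally requires an elevated process.
    ''' NOTE(review): this handler only edits the address list. It does not check that the rule
    ''' is enabled or that its action is "block" - confirm that when the rule is created.
    ''' NOTE(review): every address with even one failed logon is added. A mistyped password from
    ''' an administrator's address would lock that address out; consider a failure threshold and
    ''' an allowlist of management addresses before relying on this.
    ''' </remarks>
    Private Sub btnFW_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnFW.Click
        Dim policy As NetFwTypeLib.INetFwPolicy2 = CType(CreateObject("HNetCfg.FwPolicy2"), NetFwTypeLib.INetFwPolicy2)
        Dim activeProfiles As Integer = policy.CurrentProfileTypes()

        For Each rule As NetFwTypeLib.INetFwRule In policy.Rules
            ' Profiles is a bit mask; only touch a rule that applies to an active profile.
            If (rule.Profiles And activeProfiles) = 0 Then Continue For
            If rule.Name <> "DENY_LOGIN_ATTEMPT" Then Continue For

            Dim current As String = rule.RemoteAddresses
            MsgBox(current)

            Dim additions As System.Collections.Generic.List(Of String) = ExtractBlockableAddresses(txtIPList.Text, current)
            If additions.Count > 0 Then
                Dim joined As String = String.Join(",", additions.ToArray())
                If String.IsNullOrEmpty(current) OrElse current = "*" Then
                    ' "*" (any address) must be the only token in the list, so it cannot be
                    ' extended by appending; the list is replaced instead.
                    rule.RemoteAddresses = joined
                Else
                    rule.RemoteAddresses = current & "," & joined
                End If
            End If

            ' Show one address per line, with the host mask shortened to its prefix length.
            txtResult.Text = rule.RemoteAddresses.Replace(",", vbCrLf).Replace("255.255.255.255", "32")
            Exit For
        Next
    End Sub

    ''' <summary>
    ''' Pulls the addresses worth blocking out of the free-form text box content.
    ''' </summary>
    ''' <param name="rawText">Text box content: either the tab-separated lines written by
    ''' btnRead_Click or addresses typed by hand, separated by line breaks or commas.</param>
    ''' <param name="alreadyBlocked">The rule's current comma-separated address list.</param>
    ''' <returns>Distinct, well-formed single IP addresses that are not already in the rule.
    ''' Placeholders such as "-", loopback and unspecified addresses, and any text that is not
    ''' an IP address (timestamps, account names) are dropped. Subnets and ranges typed by hand
    ''' are not accepted by this helper.</returns>
    Private Shared Function ExtractBlockableAddresses(ByVal rawText As String, ByVal alreadyBlocked As String) As System.Collections.Generic.List(Of String)
        Dim accepted As New System.Collections.Generic.List(Of String)
        Dim seen As New System.Collections.Generic.Dictionary(Of String, Boolean)(StringComparer.OrdinalIgnoreCase)

        ' Remember what the rule already holds so nothing is added twice. Single hosts may be
        ' listed with a host mask, which is stripped for the comparison.
        If Not String.IsNullOrEmpty(alreadyBlocked) Then
            For Each existing As String In alreadyBlocked.Split(","c)
                Dim key As String = existing.Trim()
                If key.EndsWith("/255.255.255.255") Then
                    key = key.Substring(0, key.Length - "/255.255.255.255".Length)
                ElseIf key.EndsWith("/32") Then
                    key = key.Substring(0, key.Length - "/32".Length)
                End If
                If key.Length > 0 Then seen(key) = True
            Next
        End If

        If String.IsNullOrEmpty(rawText) Then Return accepted

        Dim separators() As Char = {ControlChars.Cr, ControlChars.Lf, ","c}
        For Each piece As String In rawText.Split(separators, StringSplitOptions.RemoveEmptyEntries)
            ' The address is the last tab-separated field of a line written by btnRead_Click;
            ' a hand-typed entry has no tab and is taken whole.
            Dim candidate As String = piece.Substring(piece.LastIndexOf(vbTab) + 1).Trim()
            If candidate.Length = 0 Then Continue For

            Dim parsed As System.Net.IPAddress = Nothing
            If Not System.Net.IPAddress.TryParse(candidate, parsed) Then Continue For

            ' TryParse also accepts short forms such as "4625"; require full dotted-quad IPv4.
            If parsed.AddressFamily = System.Net.Sockets.AddressFamily.InterNetwork AndAlso candidate.Split("."c).Length <> 4 Then Continue For

            ' Local logon failures carry loopback or unspecified addresses; blocking them is
            ' pointless at best.
            If System.Net.IPAddress.IsLoopback(parsed) OrElse parsed.Equals(System.Net.IPAddress.Any) OrElse parsed.Equals(System.Net.IPAddress.IPv6Any) Then Continue For

            ' Use the parser's canonical text, without any IPv6 scope identifier.
            Dim canonical As String = parsed.ToString()
            Dim scopeAt As Integer = canonical.IndexOf("%"c)
            If scopeAt >= 0 Then canonical = canonical.Substring(0, scopeAt)

            If seen.ContainsKey(canonical) Then Continue For
            seen(canonical) = True
            accepted.Add(canonical)
        Next

        Return accepted
    End Function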
