cschantz 1f8e3e2ca8 Add IP reputation tracking for ET Open detections + historical analyzer to menu ...

IP Reputation Tracking:
- ET attack scores now properly boost IP threat scores
- When ET detects attack (score 85-100), adds to IP's cumulative score
- Example: IP at score 50 + ET attack 95 = total 100 (capped)
- Tracks across multiple requests from same IP
- Higher scores = faster blocking/banning

How it works:
1. ET detection runs: analyze_http_log_line() returns score
2. Score added to IP's existing threat score in IP_DATA array
3. Display shows boosted score
4. Auto-block triggers at combined score ≥90

Menu Integration:
- Added option 15 to Security menu
- 🛡️ Historical Attack Analysis - Scan past logs for attacks (ET Open)
- Launches: tools/analyze-historical-attacks.sh
- Features:
  - Scan last 7/30/custom days
  - Analyze specific log files
  - Generate comprehensive reports
  - Top attackers, signatures, attack types
  - Supports compressed logs (gzip, bzip2)

Testing:
✅ Syntax validated
✅ Tracking logic verified (50 + 95 = 100)
✅ Menu navigation works
✅ Historical analyzer accessible

Now when IPs attack repeatedly:
- First attack: Score increases by attack severity
- Subsequent attacks: Scores accumulate
- Persistent attackers: Reach blocking threshold faster
- Dashboard shows current cumulative score

2025-12-13 02:21:28 -05:00

..

backup

Update documentation for MySQL restore tool and backup module

2025-12-10 23:07:11 -05:00

diagnostics

Eliminate all bc command dependencies - replace with awk for portability

2025-12-03 20:49:46 -05:00

maintenance

Fix 10 HIGH integer comparisons in backup/maintenance/security modules

2025-12-03 20:14:37 -05:00

performance

Performance optimizations Round 2: Pure bash field extraction

2025-12-12 17:08:17 -05:00

security

Add IP reputation tracking for ET Open detections + historical analyzer to menu

2025-12-13 02:21:28 -05:00

website

Fix CRITICAL and HIGH priority QA issues

2025-12-04 16:17:59 -05:00