I need to get some sort of logging of traffic/requests to a server we have setup, it just needs the IP address and Time, nothing terribly fancy.
The server we've got setup is running on Amazon AWS in Sydney, an EC2 instance. Running on it is the server side Java application for a uni project, a Tomcat server and a MySQL server. It's not a production server for a company or anything, so I'm not really concerned it just obviously isn't great having random people trying to connect. We keep seeing login requests/attempts for the Tomcat server using root, tomcat, admin etc as usernames but it doesn't provide anything useful other than that.
Was hoping that if we could find the IPs trying to login, I could add them to a rule in the Windows firewall and block them. My original idea was to do it via the EC2 console, but it has a default rule of block every port and IP, where you have to specify addresses/ports to allow. This wouldn't work as the 3 of us in our project team have dynamic IPs at home, so it would be really tricky to keep up with.
If theres another solution I'm missing I'd really appreciate it :)
This goes a little bit beyond what I was taught in my classes so I'm kind of out of my depth but really want to learn. The only time we went into the firewall settings in class was to turn it off completely, that is not gonna happen obviously.
Thanks in advance!