daily pastebin goal
94%
SHARE
TWEET

Untitled

a guest Jun 20th, 2012 160 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Aaron Zauner ✆
  2. 2:34 PM (0 minutes ago)
  3. Reply
  4. to devops
  5. hi everyone!
  6.  
  7. sorry, i was really tierd yesterday (the heat is killing me!), but i
  8. think everyone got the bigger picture (thx @ michael renner for
  9. clarifying a lot of things).
  10.  
  11. short link writeup:
  12. - http://www.fail2ban.org/wiki/index.php/Main_Page
  13. - https://github.com/azet/fail2ban_serve_notice/blob/master/fail2ban_serve_notice.sh
  14. (experimental! use with caution)
  15. - http://www.cloudflare.com/
  16. - http://www.projecthoneypot.org/home.php
  17. - http://www.ietf.org/rfc/rfc2142.txt
  18.  
  19. the script will be extended & debugged. if i got enough time in the
  20. next weeks i'll add API interfacing to cloudflare/projecthoneypot.
  21. does anyone know similar projects (hannes mentioned something)?
  22.  
  23. my server currently only serves 22 and 80 (with the latter beeing
  24. barely used) with a small amout of request -> thus i get a relatively
  25. small amout of break-in/ddos attempts.
  26. typical bouncing chinese mail adresses: bill.pang@bj.datadragon.net,
  27. apnic@xjcnc.net, hostmaster@public1.nc.jx.cn, zhy0607@public.ty.sx.cn,
  28. sxiptech@shanxitele.com, anti-spam@mail.jxptt.zj.cn [...] (these are
  29. real ones i picked up)
  30.  
  31. http traffic analysis (via cloudflare) for the last 30 days:
  32. http://i47.tinypic.com/10gfrdi.png -
  33. http://i50.tinypic.com/34gm2q9.png (challenged meaning; the attacker
  34. was presented with a captcha, because the IP subnet seemed malicious
  35. to cloudflare)
  36.  
  37. so long,
  38. azet
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top