Jun 20th, 2012
Aaron Zauner
2:34 PM
to devops

hi everyone!

sorry, i was really tired yesterday (the heat is killing me!), but i
think everyone got the bigger picture (thx @ michael renner for
clarifying a lot of things).

short link writeup:
- http://www.fail2ban.org/wiki/index.php/Main_Page
- https://github.com/azet/fail2ban_serve_notice/blob/master/fail2ban_serve_notice.sh
  (experimental! use with caution)
- http://www.cloudflare.com/
- http://www.projecthoneypot.org/home.php
- http://www.ietf.org/rfc/rfc2142.txt

the script will be extended & debugged. if i got enough time in the
next weeks i'll add API interfacing to cloudflare/projecthoneypot.

does anyone know similar projects (hannes mentioned something)?

my server currently only serves 22 and 80 (with the latter being
barely used) with a small amount of requests -> thus i get a relatively
small amount of break-in/ddos attempts.

typical bouncing chinese mail addresses: email@example.com,
firstname.lastname@example.org, email@example.com, firstname.lastname@example.org,
email@example.com, firstname.lastname@example.org [...] (these are
real ones i picked up)

http traffic analysis (via cloudflare) for the last 30 days:
http://i47.tinypic.com/10gfrdi.png -
http://i50.tinypic.com/34gm2q9.png (challenged meaning; the attacker
was presented with a captcha, because the IP subnet seemed malicious
to cloudflare)

so long,