February 05, 2005
More bad guys IPs

Bad guys really like my server lately, in the last couple of days I have seen three attempted attacks on my server with trackback floods from 74 unique IPs. Most are probably open proxies, trojaned machines or who-the-heck-knows-what, but still bad guys.

So.. a choice of:

  1. Entire list
    Entire list with iptables syntax
  2. New additions since last list
    New additions with iptables syntax
  3. Original list
    Original list with iptables syntax

I'm working on automating the collection and retrieval of these based on some clever rules.

Posted February 05, 2005 12:52 PM in Blog Spammer Blacklist
TrackBack URL for this entry: http://www.unix-girl.com/mt/mt-tb.cgi/1454
Comments
On February 5, 2005 02:36 PM incogniot added:

Wow with this new rules I am up to 164 rules....

Let me know if/when you have a script to detect these ip lists. I too will run the scipt and we can share the results.

My rules + your rules are at http://www.undesignatedblog.com/new_rules.txt

#
On February 6, 2005 10:46 AM Angel added:

Thank you for the list Kasia. I have noticed a ton in my logs as well. I added them to my firewall rules.

#
On February 7, 2005 01:20 PM Chris added:

What about those of us who aren't fortunate enough to host our own sites? I use IPTables on my home connection, but I don't have access to IPTables on my leased server in Chicago.

Whatever the case, I've started using MT-Blacklist v2.04 Beta. Works quite well. I still need to figure out how to integrate a list of IPs like the one you posted. However, it has daily updates with new IPs, so I think I'm pretty well covered.

-Chris

#
Trackbacks