Go Down

Topic: OT: black listed on my server firewall (Read 142 times) previous topic - next topic

travis_farmer

ok, so i put my server on the internet to make sure everything was up to snuff, and somebody has already tried to hack it. i blacklisted their IP addresses though, though they probably have a dynamic IP anyway.

so far, they haven't cracked the firewall. but it is a good test of the security i have setup.

Suricata IDS/IPS running with up to date rules, as well as shorewall (shoreline firewall). plus my router has a firewall, and to my knowledge, only port 80 is open to the public. so, shall i post the blacklist for "public shaming"?

~Travis
"A problem clearly stated, is a problem half solved" - Fortune Cookie.
Server Rack monitor: in use, so far it works.
DCC++ Train layout: On hold, pending space

travis_farmer

added 123.56.218.29

Code: [Select]
123.56.218.29 - - [14/Mar/2017:04:06:56 -0400] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 239 "-" "ByZr"
123.56.218.29 - - [14/Mar/2017:04:06:57 -0400] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 226 "-" "ByZr"
123.56.218.29 - - [14/Mar/2017:04:06:57 -0400] "GET /phpmyadmin/scripts/setup.php HTTP/1.1" 404 226 "-" "ByZr"
123.56.218.29 - - [14/Mar/2017:04:06:58 -0400] "GET /pma/scripts/setup.php HTTP/1.1" 404 219 "-" "ByZr"
123.56.218.29 - - [14/Mar/2017:04:06:58 -0400] "GET /myadmin/scripts/setup.php HTTP/1.1" 404 223 "-" "ByZr"
123.56.218.29 - - [14/Mar/2017:04:06:59 -0400] "GET /MyAdmin/scripts/setup.php HTTP/1.1" 404 223 "-" "ByZr"
123.56.218.29 - - [14/Mar/2017:04:06:59 -0400] "GET  HTTP/1.1" 400 226 "-" "-"


~Travis
"A problem clearly stated, is a problem half solved" - Fortune Cookie.
Server Rack monitor: in use, so far it works.
DCC++ Train layout: On hold, pending space

travis_farmer

#2
Mar 14, 2017, 09:54 pm Last Edit: Mar 15, 2017, 08:02 am by Coding Badly
Quote
Spammy links removed by moderator.
not sure i follow? i was posting an IP address that i blocked from my server on my firewall. I don't think i was soliciting for websites...

~Travis
"A problem clearly stated, is a problem half solved" - Fortune Cookie.
Server Rack monitor: in use, so far it works.
DCC++ Train layout: On hold, pending space

Coding Badly


travis_farmer

@travis_farmer, it was spam.


i figured, after i posted. thanks! :D

~Travis
"A problem clearly stated, is a problem half solved" - Fortune Cookie.
Server Rack monitor: in use, so far it works.
DCC++ Train layout: On hold, pending space

Go Up
 


Please enter a valid email to subscribe

Confirm your email address

We need to confirm your email address.
To complete the subscription, please click the link in the email we just sent you.

Thank you for subscribing!

Arduino
via Egeo 16
Torino, 10131
Italy