[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Automatic abuse reports

Subject: Automatic abuse reports
From: daniel.crompton at gmail.com (Daniël W. Crompton)
Date: Wed, 13 Nov 2013 01:15:13 +0100
In-reply-to: <[email protected]>
References: <Pine.LNX.4.64.1311122255060.7242@crisp> <[email protected]>

On 12 November 2013 22:52, Sam Moats <sam at circlenet.us> wrote:

> We used to use a small perl script called tattle that would parse out the
> /var/log/secure on our *nix boxes, isolate the inbound ssh exploits, lookup
> the proper abuse contacts and report them. I haven't seen anything similar
> in years but it would be interesting to do more than null route IPs.


We also used to have a script which did something similar but for more than
just inbound ssh, for the most part this was ineffective.

D.


blaze your trail

-- 
Dani?l W. Crompton <daniel.crompton at gmail.com>

<http://specialbrands.net/>

<http://specialbrands.net/>
http://specialbrands.net/

       <http://twitter.com/webhat>
<http://www.facebook.com/webhat><http://plancast.com/webhat><http://www.linkedin.com/in/redhat>

References:
- Automatic abuse reports
  - From: jonas at bjorklund.cn (Jonas Björklund)
- Automatic abuse reports
  - From: sam at circlenet.us (Sam Moats)

Prev by Date: CPE dns hijacking malware
Next by Date: Automatic abuse reports
Previous by thread: Automatic abuse reports
Next by thread: Automatic abuse reports
Index(es):
- Date
- Thread