Automated Abuse Reporting
For the past few days I've been tinkering with the idea of automated abuse reporting. I started out writing a little python script to grab the whois data for a specific IP address and parse out email addresses. Once more I'm moved by the power and simplicity of regular expressions, but I'm hugly frustrated by the fact that all the Regional Internet Registries don't use a common whois format! I know it's not realistic to have a totally common format, but a parsable abuse contact field should not be that hard. I'd rather not send a form letter to every email address in the whois record, as I'm not a fan of spam. Maybe I should start making enquiries...
Other than that, the filtering is working fine. Blocked a few more IP's. I've taken the limit down to 5/60 because slow scans were still getting too many attempts in.
So, my next quest is to start improving my IPv6 filter rules. I think the hard part is going to be finding a shell account on a machine on an IPv6 network that's not mine. Anyone out there feeling helpfull?
As if anyone reads this stuff anyway! I think I'll go directly to plan B and test drive the fair queing so I don't get lagged out playing WoW while downloading Fedora Core 4...
Other than that, the filtering is working fine. Blocked a few more IP's. I've taken the limit down to 5/60 because slow scans were still getting too many attempts in.
So, my next quest is to start improving my IPv6 filter rules. I think the hard part is going to be finding a shell account on a machine on an IPv6 network that's not mine. Anyone out there feeling helpfull?
As if anyone reads this stuff anyway! I think I'll go directly to plan B and test drive the fair queing so I don't get lagged out playing WoW while downloading Fedora Core 4...
posted by Chris Read at 21:46
1 Comments:
Hey dude...
That's perfect! Thanks.
Chris
Post a Comment
<< Home