[Devops] Topics next devops meetup

Aaron Zauner azet at azet.org
Wed Jun 20 14:34:32 CEST 2012


hi everyone!

sorry, i was really tierd yesterday (the heat is killing me!), but i
think everyone got the bigger picture (thx @ michael renner for
clarifying a lot of things).

short link writeup:
- http://www.fail2ban.org/wiki/index.php/Main_Page
- https://github.com/azet/fail2ban_serve_notice/blob/master/fail2ban_serve_notice.sh
(experimental! use with caution)
- http://www.cloudflare.com/
- http://www.projecthoneypot.org/home.php
- http://www.ietf.org/rfc/rfc2142.txt

the script will be extended & debugged. if i got enough time in the
next weeks i'll add API interfacing to cloudflare/projecthoneypot.
does anyone know similar projects (hannes mentioned something)?

my server currently only serves 22 and 80 (with the latter beeing
barely used) with a small amout of request -> thus i get a relatively
small amout of break-in/ddos attempts.
typical bouncing chinese mail adresses: bill.pang at bj.datadragon.net,
apnic at xjcnc.net, hostmaster at public1.nc.jx.cn, zhy0607 at public.ty.sx.cn,
sxiptech at shanxitele.com, anti-spam at mail.jxptt.zj.cn [...] (these are
real ones i picked up)

http traffic analysis (via cloudflare) for the last 30 days:
http://i47.tinypic.com/10gfrdi.png -
http://i50.tinypic.com/34gm2q9.png (challenged meaning; the attacker
was presented with a captcha, because the IP subnet seemed malicious
to cloudflare)

so long,
azet



More information about the Devops mailing list