Jump to content
IGNORED

Hacker IP address


moonlight_mile

Recommended Posts

I don't know if anyone cares, but I started a little text file of suspected Hacker IP addresses.  I culled these addresses from the Busy BBS output.  I checked the country of origin and they are china, Russia and Turkey.

 

I just downloaded the log from busy bbs from the past few days, I still need to go through it but I am hoping not too many hacker ips are on it.

 

I have since then blocked the IP addresses in the windows firewall.  Feel free to add to the list or use the list for your own bbs.

 

Maybe at some point we can format it nicely and put it somewhere, where sysops of all kinds can contribute to it, but for now, it is just a bare bones text files with the info needed.

Blocked IPs.txt

  • Like 1
Link to comment
Share on other sites

So just to clarify... are these "hackers" who look to be trying to gain access?  Or "bots" who just call/hang up, spew garbage characters, etc?

 

I actually would like to maintain a list so we can put them into our firewalls or whatnot.

 

Link to comment
Share on other sites

1 hour ago, Tillek said:

So just to clarify... are these "hackers" who look to be trying to gain access?  Or "bots" who just call/hang up, spew garbage characters, etc?

In all likelihood, what you're seeing is effectively the background noise of the Internet.  99.99999% of it is going to be automated tools looking for vulnerabilities; the remainder is someone actually actively at a keyboard.

 

My recommendation: don't bother with an IP list.  The idea has merit, but given how rapidly the sources of these problems (assuming that they're legitimate sources to begin with) change, keeping the list updated would be a full-time job.  Even then, its accuracy wouldn't be the greatest.

 

My best suggestion: run pfsense or similar as a firewall.  Familiarise yourself with its Intrusion Detection and Intrusion Prevention System (IDS / IPS) capabilities, and configure it to automatically block unwanted traffic for a set period of time - say, 15 minutes.  That'll prevent automated tools from being useful, frustrate anyone trying to actively exploit any vulnerabilities you may have facing the Internet, and take the load off of you to keep updating a list.

  • Like 1
  • Thanks 1
Link to comment
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...