Re: [arch-general] HTTP spam from China - CIDR compacting tool

2019-02-28 Thread Genes Lists via arch-general
On 2/28/19 9:21 AM, DcUK wrote: .. > > The aur/iprange package is another alternative for manipulating IP lists. > > It can optimize/merge/compare/convert in pretty much any way you like. Thanks - wasn't aware of this one either. A quick glance at source and it seems to be IPV4 only with no IPV6

Re: [arch-general] HTTP spam from China - CIDR compacting tool

2019-02-28 Thread DcUK
On Tue, Feb 26, 2019 at 04:25:37PM -0500, Genes Lists via arch-general wrote: > On 2/26/19 4:01 PM, brent s. wrote: > > ... > > > > You can (Gene, you may find this particularly useful since you feed to > > ipset) use the pyroute2.IPSet() function to actually manage the live > > > > Great thank

Re: [arch-general] HTTP spam from China - CIDR compacting tool

2019-02-26 Thread Juha Kankare via arch-general
On 26/02/2019 23:25, Genes Lists via arch-general wrote: > On 2/26/19 4:01 PM, brent s. wrote: > > ... >> You can (Gene, you may find this particularly useful since you feed to >> ipset) use the pyroute2.IPSet() function to actually manage the live >> > Great thank you - I wasn't aware of this capa

Re: [arch-general] HTTP spam from China - CIDR compacting tool

2019-02-26 Thread Genes Lists via arch-general
On 2/26/19 4:01 PM, brent s. wrote: ... > > You can (Gene, you may find this particularly useful since you feed to > ipset) use the pyroute2.IPSet() function to actually manage the live > Great thank you - I wasn't aware of this capability. I really like python! ipset made a huge difference - ma

Re: [arch-general] HTTP spam from China - CIDR compacting tool

2019-02-26 Thread Juha Kankare via arch-general
On 26/02/2019 23:01, brent s. wrote: > On 2/26/19 1:20 PM, Genes Lists via arch-general wrote: >> On 2/26/19 1:13 PM, Juha Kankare via arch-general wrote: >>> On 26/02/2019 20:11, Genes Lists via arch-general wrote: >> ... >>> My current script is just pulling cn.zone from ipdeny.com. This looks >>

Re: [arch-general] HTTP spam from China - CIDR compacting tool

2019-02-26 Thread brent s.
On 2/26/19 1:20 PM, Genes Lists via arch-general wrote: > On 2/26/19 1:13 PM, Juha Kankare via arch-general wrote: >> On 26/02/2019 20:11, Genes Lists via arch-general wrote: > ... >> >> My current script is just pulling cn.zone from ipdeny.com. This looks >> super useful, I'm saving it. Thank you

Re: [arch-general] HTTP spam from China

2019-02-26 Thread David C. Rankin
On 02/26/2019 06:40 AM, Juha Kankare via arch-general wrote: > I'm getting a lot of connections from China it seems. Whenever I check > my journalctl, it's an endless wall of nginx complaints about a single > ip spamming requests for different php files. This happens with hundreds > of ip's, and

Re: [arch-general] HTTP spam from China - CIDR compacting tool

2019-02-26 Thread Genes Lists via arch-general
On 2/26/19 1:13 PM, Juha Kankare via arch-general wrote: > On 26/02/2019 20:11, Genes Lists via arch-general wrote: ... > > My current script is just pulling cn.zone from ipdeny.com. This looks > super useful, I'm saving it. Thank you dude! > You're welcome. I just ran it on cn.zone and it redu

Re: [arch-general] HTTP spam from China - CIDR compacting tool

2019-02-26 Thread Juha Kankare via arch-general
On 26/02/2019 20:11, Genes Lists via arch-general wrote: > Just an FYI if you pull cidr blocks by country, either doing it > yourself directly from arin et al or by using someone else's list like > ipdeny.com the CIDR blocks are not necessarily compacted. > > i.e. it is often not the most minima

Re: [arch-general] HTTP spam from China - CIDR compacting tool

2019-02-26 Thread Genes Lists via arch-general
Just an FYI if you pull cidr blocks by country, either doing it yourself directly from arin et al or by using someone else's list like ipdeny.com the CIDR blocks are not necessarily compacted. i.e. it is often not the most minimal CIDR representation. I use this little python script, which w

Re: [arch-general] HTTP spam from China

2019-02-26 Thread Caleb Allen via arch-general
@Juha why not feel comfortable sharing the location of the server? On Tue, Feb 26, 2019 at 9:44 AM Juha Kankare via arch-general < arch-general@archlinux.org> wrote: > On 26/02/2019 18:40, Ralph Corderoy wrote: > > Hi Juha, > > > >>> It's why I keep my SSH servers on a non-standard port. I know i

Re: [arch-general] HTTP spam from China

2019-02-26 Thread Juha Kankare via arch-general
On 26/02/2019 18:40, Ralph Corderoy wrote: > Hi Juha, > >>> It's why I keep my SSH servers on a non-standard port. I know it >>> doesn't prevent someone from discovering it, but it cuts out 99.99% >>> of all those attacks, being able to filter out connection attempts >>> to port 22 >> Same. For eas

Re: [arch-general] HTTP spam from China

2019-02-26 Thread Ralph Corderoy
Hi Juha, > > It's why I keep my SSH servers on a non-standard port. I know it > > doesn't prevent someone from discovering it, but it cuts out 99.99% > > of all those attacks, being able to filter out connection attempts > > to port 22 > > Same. For easy ports to remember, I like to combine powers

Re: [arch-general] HTTP spam from China

2019-02-26 Thread Zorro via arch-general
On 2/26/19 5:05 PM, Andy Pieters wrote: On Tue, Feb 26, 2019 at 4:02 PM Zorro via arch-general wrote: I see this happen on my SSH server. The journal is full of these failed login attempts. Haven't checked from where those login attempts come from though. It makes it hard to find something i

Re: [arch-general] HTTP spam from China

2019-02-26 Thread Juha Kankare via arch-general
On 26/02/2019 18:05, Andy Pieters wrote: > On Tue, Feb 26, 2019 at 4:02 PM Zorro via arch-general > wrote: >> I see this happen on my SSH server. >> >> The journal is full of these failed login attempts. >> Haven't checked from where those login attempts come from though. >> >> It makes it hard t

Re: [arch-general] HTTP spam from China

2019-02-26 Thread Juha Kankare via arch-general
On 26/02/2019 18:02, Zorro via arch-general wrote: > On 2/26/19 1:40 PM, Juha Kankare via arch-general wrote: >> I'm getting a lot of connections from China it seems. Whenever I check >> my journalctl, it's an endless wall of nginx complaints about a single >> ip spamming requests for different php

Re: [arch-general] HTTP spam from China

2019-02-26 Thread Andy Pieters
On Tue, Feb 26, 2019 at 4:02 PM Zorro via arch-general wrote: > I see this happen on my SSH server. > > The journal is full of these failed login attempts. > Haven't checked from where those login attempts come from though. > > It makes it hard to find something in the journal. It's why I keep

Re: [arch-general] HTTP spam from China

2019-02-26 Thread Zorro via arch-general
On 2/26/19 1:40 PM, Juha Kankare via arch-general wrote: I'm getting a lot of connections from China it seems. Whenever I check my journalctl, it's an endless wall of nginx complaints about a single ip spamming requests for different php files. This happens with hundreds of ip's, and tens of time

Re: [arch-general] HTTP spam from China

2019-02-26 Thread Eric Brown via arch-general
Eric From: arch-general on behalf of Juha Kankare via arch-general Sent: Tuesday, February 26, 2019 10:06:47 AM To: arch-general@archlinux.org Cc: Juha Kankare Subject: Re: [arch-general] HTTP spam from China On 26/02/2019 14:40, Juha Kankare via arch-general wrote: > I'm

Re: [arch-general] HTTP spam from China

2019-02-26 Thread Juha Kankare via arch-general
On 26/02/2019 14:40, Juha Kankare via arch-general wrote: > I'm getting a lot of connections from China it seems. Whenever I check > my journalctl, it's an endless wall of nginx complaints about a single > ip spamming requests for different php files. This happens with hundreds > of ip's, and tens

Re: [arch-general] HTTP spam from China

2019-02-26 Thread Juha Kankare via arch-general
On 26/02/2019 15:10, Felix Yan via arch-general wrote: > On 2019/2/26 下午8:40, Juha Kankare via arch-general wrote: >> I'm >> curious as to why this happens, and if anyone else has had the same >> problem. > Because your IP might have joined the Chinese firewall poison party: > https://news.ycombin

Re: [arch-general] HTTP spam from China

2019-02-26 Thread Felix Yan via arch-general
On 2019/2/26 下午8:40, Juha Kankare via arch-general wrote: > I'm > curious as to why this happens, and if anyone else has had the same > problem. Because your IP might have joined the Chinese firewall poison party: https://news.ycombinator.com/item?id=8931827 -- Regards, Felix Yan signature.

Re: [arch-general] HTTP spam from China

2019-02-26 Thread Ralf Mardorf via arch-general
On Tue, 26 Feb 2019 12:40:17 +, Juha Kankare via arch-general wrote: >I already made a shellscript to block all connections from China, but >I'm curious as to why this happens, and if anyone else has had the >same problem. A few years ago I experienced such an issue with mails from another nat

Re: [arch-general] HTTP spam from China

2019-02-26 Thread Juha Kankare via arch-general
On 26/02/2019 14:55, Bjoern Franke via arch-general wrote: > On 26.02.19 13:40, Juha Kankare via arch-general wrote: >> I'm getting a lot of connections from China it seems. Whenever I check >> my journalctl, it's an endless wall of nginx complaints about a single >> ip spamming requests for diffe

Re: [arch-general] HTTP spam from China

2019-02-26 Thread Bjoern Franke via arch-general
On 26.02.19 13:40, Juha Kankare via arch-general wrote: > I'm getting a lot of connections from China it seems. Whenever I check > my journalctl, it's an endless wall of nginx complaints about a single > ip spamming requests for different php files. This happens with hundreds > of ip's, and tens

[arch-general] HTTP spam from China

2019-02-26 Thread Juha Kankare via arch-general
I'm getting a lot of connections from China it seems. Whenever I check my journalctl, it's an endless wall of nginx complaints about a single ip spamming requests for different php files. This happens with hundreds of ip's, and tens of times daily. Has anyone else been hit by this? I already ma