Author Archives: Steve

Spring Cleaning

We’ve got some furniture arriving from the USA in a week or so and so we’ve been working on making space in the house for it and also making sure that there is space to bring it into the house … Continue reading

Posted in Uncategorized | Tagged , | Leave a comment

My Poor Neglected Blog

Was it really in 2017 that I last posted on here? I guess it must have been. Since then I’ve been boating several times with two week long holidays to Llangollen and a round trip round the West Midlands and … Continue reading

Posted in Witterings | Tagged , , , | Leave a comment

State Sponsored hacking?

So yesterday my site got hit by a large number(140) of Chinese IP addresses  all trying to login to my site. Fail2 ban blocked them and sent me lots of emails: Then this morning another pile of Chinese IP addresses … Continue reading

Posted in Sad Spammers | Tagged , , , | 2 Comments

More Botnet stats

So I upgraded Fail2ban and so had to restart it. As it stores it’s bans in a database it can restore them at start up. And what a depressingly long list it is for the botnet: 2017-08-05 14:58:20,149[dovecot-disconnect] Ban 1.163.34.115 … Continue reading

Posted in Computing, Rants, Sad Spammers | Tagged , | Leave a comment

Botnet stopped…

Either its been taken off line or I’ve blocked all its IPs. No more new additions for over 24 hours:   Status for the jail: dovecot-disconnect |- filter | |- File list: /var/log/mail.log | |- Currently failed: 0 | `- … Continue reading

Posted in Uncategorized | Tagged , | 2 Comments

Botnet still chugging along

Its still going: Jun 12 18:41:25 Debussy dovecot: imap-login: Disconnected (auth failed, 1 attempts in 9 secs): user=<colin@some.domain.here>, method=PLAIN, rip=36.7.79.21, Jun 12 18:42:01 Debussy dovecot: imap-login: Disconnected (auth failed, 1 attempts in 8 secs): user=<colin>, method=PLAIN, rip=113.240.237.10, Jun 12 19:11:58 … Continue reading

Posted in Computing | Tagged , | Leave a comment

Spammers really don’t get it do they?

Going through the spam comments on one of the sites I found the following: Yes that’s right… 3 comments on the SAME post from the SAME IP address… how could that not be spam?  

Posted in Sad Spammers | Tagged , | Leave a comment

Bot Net slowing down

As a follow on to my post about the slow cycle bot net  it now looks like its slowing down (i.e. Fail2ban has blocked most of the compromised machines).

Posted in Computing | Tagged , , , | Leave a comment

A very large but sneakily slow bot-net?

Anyone who runs a server is used to it to being attacked by compromised machines which target their SSH services, their web services and their email services. The attack on the email services takes two forms : either trying to … Continue reading

Posted in Computing | Tagged , , , , | 1 Comment

Fail2Ban working hard

Graph courtesy of Monitorix:

Posted in Computing | Leave a comment