Posts about computing and computing-related matters

All Change!!

Finally took the big leap and moved the site off WordPress and onto ClassicPress. There are several reasons for this with the primary ones being WordPress’s bloated code base and its Jetpack plugin trying to basically make everyone else’s plugins obsolete. The other reason was Gutenberg – I hated block editing with a vengeance […]

More Botnet stats

So I upgraded Fail2ban and so had to restart it. As it stores its bans in a database it can restore them at start up. And what a depressingly long list it is for the botnet: 2017-08-05 14:58:20,149[dovecot-disconnect] Ban 1.163.34.115 2017-08-05 14:58:21,110[dovecot-disconnect] Ban 1.175.2.48 2017-08-05 14:58:23,213[dovecot-disconnect] Ban 1.175.27.62 2017-08-05 14:58:24,683[dovecot-disconnect] Ban 1.180.64.86 2017-08-05 14:58:27,764[dovecot-disconnect] Ban […]

Botnet still chugging along

It's still going: Jun 12 18:41:25 Debussy dovecot: imap-login: Disconnected (auth failed, 1 attempts in 9 secs): user=<colin@some.domain.here>, method=PLAIN, rip=36.7.79.21, Jun 12 18:42:01 Debussy dovecot: imap-login: Disconnected (auth failed, 1 attempts in 8 secs): user=<colin>, method=PLAIN, rip=113.240.237.10, Jun 12 19:11:58 Debussy dovecot: imap-login: Disconnected (auth failed, 1 attempts in 9 secs): user=<drtone@some.domain.here>, method=PLAIN, rip=218.201.83.148, Jun […]

Bot Net slowing down

As a follow-on to my post about the slow cycle bot net, it now looks like it's slowing down (i.e. Fail2ban has blocked most of the compromised machines).

A very large but sneakily slow bot-net?

Anyone who runs a server is used to it being attacked by compromised machines which target their SSH services, their web services and their email services. The attack on the email services takes two forms: either trying to relay email through the SMTP server or trying to break into the POP3 server using […]

Bad IPs

It's the list of usual suspects – China featuring high in the list of machines trying to break into servers (no surprises there) and OVH: […]

More shit from the internet

I tightened up the fail2ban rules after looking at my mail logs. The result is impressive but at the same time depressing … so many machines trying to break into my server. Several from GoDaddy…. I guess they’re starting to sit in the same place as OVH when it comes to hosting scum.

Moving to HTTPS

Well I’ve moved the blogs over to https… it was a bit of a pain and I was really starting to bash my head against the wall with Let's Encrypt’s utilities. But then I stopped trying to be clever and used certbot-auto --manual certonly. I then provided a list of the subdomains I wanted to […]