lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Tue Feb 21 14:12:40 2006
From: jlay at slave-tothe-box.net (James Lay)
Subject: Compromised host list - some clarification...

So ok.....I'm completely positive I didn't make myself clear at all in
my previous message...go me!  Here's a web site that I did manage to
find that has a current list of open proxies:

http://www.samair.ru/proxy/index.htm

My hope is that I could find a site that has a list of currently
reported open proxies, scanners, and ssh brute force boxes.  The RBL's
pretty much have smtp covered.  I would run a cron job at midnight, wget
and grep the file, then create an iptables table to block those hosts.
This is an attempt to be more proactive then reactive...if I knew those
hosts that were actively doing naughty things, why not block them at
the get go?

Does this make sense?  Am I barking up the wrong tree?  Thanks all =)

James

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ