[VoiceOps] Web Attacker Blacklist
J. Oquendo
sil at infiltrated.net
Tue Oct 22 09:57:30 EDT 2013
Going to cross post this to the list (I know some of us
criss-cross lists). Reasoning, a lot of IP PBXs have
web based interfaces, and some need to be on the public
Internet.
---
Cobbled together a script to scrape my logs, parse out web
based attackers (SQLi, XSS, CSRF, etc) and compile said list
for blacklisting. Script is pulling from 6 different web
servers for now. I may add more later depending on whether
or not I see a lot of usage.
http://www.infiltrated.net/webattackers.txt
--
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT, RWSP, GREM
"Where ignorance is our master, there is no possibility of
real peace" - Dalai Lama
42B0 5A53 6505 6638 44BB 3943 2BF7 D83F 210A 95AF
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x2BF7D83F210A95AF
More information about the VoiceOps
mailing list