[VoiceOps] Web Attacker Blacklist

J. Oquendo sil at infiltrated.net
Tue Oct 22 09:57:30 EDT 2013


Going to cross post this to the list (I know some of us
criss-cross lists). Reasoning, a lot of IP PBXs have
web based interfaces, and some need to be on the public
Internet.

---

Cobbled together a script to scrape my logs, parse out web
based attackers (SQLi, XSS, CSRF, etc) and compile said list
for blacklisting. Script is pulling from 6 different web
servers for now. I may add more later depending on whether
or not I see a lot of usage.

http://www.infiltrated.net/webattackers.txt

-- 
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT, RWSP, GREM

"Where ignorance is our master, there is no possibility of
real peace" - Dalai Lama

42B0 5A53 6505 6638 44BB  3943 2BF7 D83F 210A 95AF
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x2BF7D83F210A95AF


More information about the VoiceOps mailing list