Search

Recent Posts

Tags

« Previous Entries

GeoIP origins of malicious network activity

Sunday, April 28th, 2013

I have previously written that GeoIP data is not a reliable source for definitive data analysis – it is, however, a reasonable indicator.  The numbers below are from a single server (logged during the past few years) and don’t really provide any surprises.  Some things to keep in mind: raw IP information is only an Continue reading →

Banning ‘Bad’ Robots & Crawlers

Saturday, February 4th, 2012

Every now and then I see web traffic spikes due to ‘bad’ web crawlers – So what is a ‘bad bot’ or ‘bad web crawler’ or ‘bad web spider’? Virtual Rights – do we have any? Not really –  I think that we should have expectations of non-abusive access to any resource that we have Continue reading →

Blocking ssh server attacks (11/2011)

Monday, November 7th, 2011

During the past few days (early November, 2011) I have been seeing a rash of ssh connection attempts.  I did a quick check and I note that others are posting about similar attacks.  The current attack ‘pattern’ is fairly simple: connection attempts are made every few seconds apparent IP addresses source countries vary quite a Continue reading →

Reporting Network Abuse and/or Hacked Systems

Monday, September 26th, 2011

**Who Ya Gonna Call? Before we can figure out where to send network/system abuse reports to we need to understand who might actually be responsible, or, who might accept responsibility for the resource/network from whence  possible abuse is originating… With the slate of high profile reported system and network ‘hacks’ in 2011 you might think Continue reading →

Linux GeoIP Firewall via iptables (using ipset)

Saturday, September 24th, 2011

In a previous post using GeoIP data with xtables-addons was discussed. CAVEAT – GeoIP data changes constantly – if you implement such a solution then make sure that you also add some sort of auto-data-update process.  Also, GeoIP filtering does not provide any guarantee that a system from ‘filtered IP space’ cannot access your resource Continue reading →

« Previous Entries

________________________________________________
YOUR GeoIP Data | Ip: 73.21.121.1
Continent: NA | Country Code: US | Country Name: United States
Region: | State/Region Name: | City:
(US only) Area Code: 0 | Postal code/Zip:
Latitude: 38.000000 | Longitude: -97.000000
Note - if using a mobile device your physical location may NOT be accurate...
________________________________________________

Georgia-USA.Com - Web Hosting for Business
____________________________________