ipsum
sshesame
Our great sponsors
ipsum | sshesame | |
---|---|---|
10 | 3 | |
1,309 | 1,394 | |
- | - | |
2.7 | 0.0 | |
3 days ago | about 1 year ago | |
Go | ||
The Unlicense | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ipsum
- Lists of IPv4 abuse IPs
-
List of Blocklists in pfSense ?
Yeah pfsense uses pfblockerNG, but you can add you own blocklists from several open sources. Some of them are: IPsum, Ellio, MISP. https://github.com/stamparm/ipsum https://feed.ellio.tech https://www.misp-project.org/download
- blocking all traffic from attacking IPs?
-
Hackers exploit WordPress plugin flaw that gives full control of millions of sites
ConfigServer Security and Firewall (csf) using this list. https://github.com/stamparm/ipsum
- Cosa ne pensate dell'utilizzo di blacklist di IP malevoli per ridurre i bot che scansionano siti alla ricerca di vulnerabilità?
-
DShield Block List
Any plan release some of other block lists like https://github.com/stamparm/ipsum
- Do you use blacklists / IP threat intelligence and are they helpful?
-
So I opened up one port on my network for an SFTP server, and in just the last 7 days there have been 611 attempts to log into it... It's always interesting to see the usernames that try to log in, so I pulled them and sorted them all out.
Do yourself a favor and load up your iptables with the ipsum blacklist.
- Vendor-independent IP/DNS-block-list
- Shodan Lifetime $4 USD
sshesame
- Reminder to secure your homelab: I forgot to turn off SSH on my NAS 5 days ago after using it briefly and had almost 900 attacks since then. Fortunately SSH was not running on default 22 port and access was blocked on the Synology and no passthrough to SSH from my router.
-
relationship goals
there's also this other thing called sshesame which gives the attacker a fake shell to run commands in. i ended up with a 30gb logfile within a few months lol
-
So I opened up one port on my network for an SFTP server, and in just the last 7 days there have been 611 attempts to log into it... It's always interesting to see the usernames that try to log in, so I pulled them and sorted them all out.
I started an SSH honeypot project with the goal of finding out what these attackers (bots mainly) would do if they did get in.
What are some alternatives?
blocklist-ipsets - ipsets dynamically updated with firehol's update-ipsets.sh script
endlessh - SSH tarpit that slowly sends an endless banner
minerstat-os - msOS - Open Source Mining OS. Repository moved, no longer using github
pshitt - Passwords of SSH Intruders Transferred to Text
firehol - A firewall for humans...
honeytrap - Advanced Honeypot framework.
shodan-filters - A list of shodan filters
gnupg - Patches to GnuPG smartcard support (bigger keys, better error handling)
gnupg - The GNU Privacy Guard. NOTE: Maintainers are not tracking this mirror. Do not make pull requests here, nor comment any commits, submit them usual way to bug tracker (https://www.gnupg.org/documentation/bts.html) or to the mailing list (https://www.gnupg.org/documentation/mailing-lists.html).
vssh - Go Library to Execute Commands Over SSH at Scale