[Coco] [Color Computer] country blocked
Gene Heskett
gene.heskett at verizon.net
Sat Jul 18 23:29:59 EDT 2009
On Saturday 18 July 2009, Dave Kelly wrote:
>Gene Heskett wrote:
> My router alone is dropping over 800
>
>> such attacks a day on average. And I'm pretty much invisible except for
>> my web server, whose address I post very sparingly.
>
>Gene....
>Where to you obtain this count, I would like to check my site.
>
>D
From 'logwatch'. But I have a link from the routers logging to my logging so
all the rejects and drops show up in my log, making it very large indeed by
the time logrotate runs on sunday mornings.
As for the link, I'm not sure how its setup. I was attempting to get it to
write to its own log via a samba share, and it wound up going to my messages
log instead. This is while running dd-wrt on an old slow x86 box, no drives,
just a cf adapter on the end of an ide cable, with the dd-wrt image written to
the flash card, a 512megger, but could be as small as a 32 meg cf card as the
image and its nonvolatile data only uses maybe 15 megs. The logwatch format
looks like this in the daily email it sends me:
--------------------- iptables firewall Begin ------------------------
Listed by source hosts:
Dropped 772 packets on interface ppp0
From 24.32.108.249 - 2 packets to tcp(445)
From 24.32.226.82 - 2 packets to icmp(8)
From 24.43.218.90 - 2 packets to tcp(445)
From 24.101.193.115 - 2 packets to icmp(8)
From 24.109.249.54 - 2 packets to tcp(445)
From 24.232.102.112 - 2 packets to tcp(445)
From 38.99.13.116 - 4 packets to tcp(80)
From 41.103.25.77 - 2 packets to tcp(445)
From 41.104.21.216 - 2 packets to tcp(445)
From 41.105.45.191 - 2 packets to tcp(445)
From 41.202.90.6 - 2 packets to tcp(445)
etc till its listed all of them in the last 24 hours.
--
Cheers, Gene
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
The NRA is offering FREE Associate memberships to anyone who wants them.
<https://www.nrahq.org/nrabonus/accept-membership.asp>
You cannot achieve the impossible without attempting the absurd.
More information about the Coco
mailing list