On 12 November 2013 22:52, Sam Moats <s...@circlenet.us> wrote: > We used to use a small perl script called tattle that would parse out the > /var/log/secure on our *nix boxes, isolate the inbound ssh exploits, lookup > the proper abuse contacts and report them. I haven't seen anything similar > in years but it would be interesting to do more than null route IPs.
We also used to have a script which did something similar but for more than just inbound ssh, for the most part this was ineffective. D. blaze your trail -- Daniël W. Crompton <daniel.cromp...@gmail.com> <http://specialbrands.net/> <http://specialbrands.net/> http://specialbrands.net/ <http://twitter.com/webhat> <http://www.facebook.com/webhat><http://plancast.com/webhat><http://www.linkedin.com/in/redhat>
