fortypoundhead.com

dwirch

Joined:
2005-01-01
08:24

Last Seen:
2017-08-18
18:27

Posted on:
2017-07-23
06:58

New security implemented

Report Back to Forum Back to All Forums

Due to the large number of security exploit and spam attempts from particular regions and netblocks, I've implement blocking of certain network blocks.

If you pay attention to the Malicious IP Checker and it's data, you might notice entries like this:

 

IP Address Date Banned Last Seen Ban Reason
212.7.220.13 7/23/2017 6:45:52 AM 7/23/2017 6:45:52 AM IP From Banned Netblock [PL - Poland - Dediserv]
212.7.220.13 7/23/2017 6:45:47 AM 7/23/2017 6:45:47 AM IP From Banned Netblock [PL - Poland - Dediserv]
212.7.220.13 7/23/2017 6:45:39 AM 7/23/2017 6:45:39 AM IP From Banned Netblock [PL - Poland - Dediserv]
144.12.26.18 7/23/2017 6:45:32 AM 7/23/2017 6:45:32 AM IP From Banned Netblock [CN - China]
46.19.86.146 7/23/2017 6:26:43 AM 7/23/2017 6:26:43 AM IP From Banned Netblock [NL - Netherlands - RIPE NCC]
123.125.125.182 7/23/2017 6:19:05 AM 7/23/2017 6:19:05 AM IP From Banned Netblock [CN - China]

I've noticed a decided uptick in attempted SQL injection attempts from China, Russia, Ukraine, Poland, and a few other places, so I've decided to try the heavy handed approached and block those locations from access to the site.

Users from those sites who reside in the blocked networks may get inadvertantly get banned. Sorry about that. You can place the blame on your neighbors.

dwirch

Joined:
2005-01-01
08:24

Last Seen:
2017-08-18
18:27

Posted on:
2017-08-08
06:43

Report Back to Forum Back to All Forums

I've removed the viewing of banned network data from the Malicious IP Checker home screen.  It was just too overwhelming.  The data is still there, and I'll make it available, if anyone would like to see it.  

There are still a lot of SQL injection attempts coming in from other random IP addresses, which are insta-banned.  Note that I do check the banned IP addresses daily, and if there are more than five attempts coming from a Class C network, that entire netblock gets blocked as well.

You must be logged in order to post a reply.



Recent Forum Posts

Malicious IP Checker Companion Tool
dwirch posted on August 12, 2017 at about 20:24 in Site News

Job Spammer: Steve Adams
dwirch posted on August 8, 2017 at about 7:44 in Spammers

New security implemented
dwirch posted on August 8, 2017 at about 6:43 in Site News

New security implemented
dwirch posted on July 23, 2017 at about 6:58 in Site News

Fold Code Manager into main KB?
VB6Boy posted on July 22, 2017 at about 14:42 in Site News

Fold Code Manager into main KB?
dwirch posted on July 22, 2017 at about 14:41 in Site News