Blocage du jours
-
- 209.97.128.0/18
- 207.154.192.0/18
- 62.232.51.0/24
- 63.247.93.0/24
- 88.198.64.0/24
- 147.135.37.0/24
- 94.130.219.0/24
- 77.83.39.0/24
- 20.43.20.0/24
- 20.43.0.0/16
- 20.44.0.0/14
- 20.48.0.0/17
-
- 160.250.186.0/24
- 115.146.125.0/24
- 94.46.170.0/24
- 45.94.31.0/24
- 203.159.90.0/24
-
- 168.144.133.0/24
- 5.83.135.0/24
- 5.175.206.0/24
- 130.41.134.0/24
- 88.151.32.0/24
- 217.142.190.0/24
- 20.151.0.0/24
- 20.151.131.0/24
- 5.255.107.0/24
# grep "/xmlrpc.php" /var/log/apache2/access.*.log | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 1 20.151.131.235 1 34.134.90.102 1 35.245.181.202 1 82.102.18.116 2 43.230.201.87 # grep "wp-login.php" /var/log/apache2/access.*.log | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 1 20.151.131.235 1 205.210.31.22 1 45.207.34.222 2 185.194.178.76 2 20.151.0.198 3 217.142.190.120 28 130.41.134.7 337 5.175.206.114 571 5.83.135.102 934 168.144.133.239 -
-118.107.44.0/24
-143.198.93.0/24
-74.91.223.0/24
-173.212.252.0/24# grep "wp-login.php" /var/log/apache2/access.*.log | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 6 118.70.190.36 6 209.235.136.137 6 69.174.252.9 6 88.99.65.119 8 103.185.212.159 8 162.214.79.109 8 173.212.252.15 10 208.109.189.74 10 74.91.223.229 934 143.198.93.228 -
# grep "wp-login.php" /var/log/apache2/access.*.log | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 10 62.72.44.19 11 216.10.251.191 12 188.245.151.109 12 85.111.31.200 14 37.27.234.213 14 50.6.224.46 16 46.20.146.46 18 31.14.97.67 18 78.46.47.235 544 168.144.108.189 # grep "/xmlrpc.php" /var/log/apache2/access.*.log | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 1 136.111.103.81 4 20.151.174.218 -
-
Singapore : https://scanitex.com/en/resources/ip-ranges/sg
Hong Kong : https://scanitex.com/en/resources/ip-ranges/hk -
Belarus : https://scanitex.com/en/resources/ip-ranges/by
# wc -l /etc/pve/firewall/cluster.fw 28022 /etc/pve/firewall/cluster.fw # du -sh /etc/pve/firewall/cluster.fw 66K /etc/pve/firewall/cluster.fw -
Corée du Nord : https://scanitex.com/en/resources/ip-ranges/kp
Pakistan : https://scanitex.com/en/resources/ip-ranges/pk -
-
Je pensais avoir bloqué Singapore mais non …
https://ipinfo.io/AS14061/159.223.64.0/20- 172.202.0.0/16
# grep "wp-login.php" /var/log/apache2/access.*.log | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 2 20.116.59.164 2 35.229.206.236 2 46.224.234.158 2 51.195.105.137 2 64.22.104.200 2 64.226.120.21 2 66.102.135.126 5 172.202.92.73 6 148.251.171.211 1155 159.223.77.226 # grep "wp-login.php" /var/log/apache2/access.*.log.1 | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 20 51.178.41.230 20 82.196.25.136 20 95.216.117.13 22 57.128.47.115 24 50.6.207.27 24 78.159.107.235 24 82.165.73.78 24 84.247.129.9 28 150.60.181.111 32 31.24.155.180 -
# grep "wp-login.php" /var/log/apache2/access.*.log.1 | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 4 95.216.117.13 8 192.185.4.148 8 216.17.1.172 8 46.224.234.158 8 64.22.104.200 8 82.196.25.136 10 172.202.92.73 12 148.251.171.211 12 20.116.59.164 2310 159.223.77.226 -
# grep "wp-login.php" /var/log/apache2/access.*.log.1 | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 12 95.216.117.13 16 213.189.58.137 16 50.6.192.190 16 92.249.63.60 18 141.95.202.18 20 172.236.172.195 24 95.216.3.239 28 46.224.234.158 28 72.167.150.128 1714 161.33.16.68 # grep "wp-login.php" /var/log/apache2/access.*.log | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 6 88.198.91.116 8 45.32.67.165 8 5.45.96.74 8 84.247.181.196 8 95.211.96.182 10 46.224.234.158 11 204.217.129.131 14 51.91.98.45 14 94.76.235.103 505 152.42.182.172 -
# grep "/xmlrpc.php" /var/log/apache2/access.*.log | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 1 136.107.189.187 1 192.241.173.26 1 20.195.180.233 1 2.58.56.163 1 34.182.168.114 1 86.38.98.47 3445 39.98.173.163 -
# grep "wp-login.php" /var/log/apache2/access.*.log | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 4 64.227.176.39 4 79.116.52.1 5 162.240.12.204 6 101.99.79.250 6 140.245.32.185 6 192.250.239.173 6 192.250.239.252 6 31.24.44.107 12 103.95.119.103 857 138.2.41.108 -
# grep "wp-login.php" /var/log/apache2/access.*.log | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 3 162.240.228.207 3 62.146.228.149 3 84.246.215.129 3 91.98.140.41 4 216.251.35.204 4 46.36.36.119 4 62.77.224.67 8 72.167.50.103 9 38.49.217.60 1054 102.220.160.154 # grep "xmlrpc.php" /var/log/apache2/access.*.log | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 1 194.5.82.93 1 194.5.82.94 1 34.178.7.245 1 34.61.201.74 1 45.92.1.243 4 34.6.71.112 121 82.102.18.190 122 143.244.57.123 2880 136.119.117.153 -
M247 LTD Paris Infrastructure => 82.102.18.0/24
https://ipinfo.io/82.102.18.190 -
# grep "xmlrpc.php" /var/log/apache2/access.*.log | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 4 34.178.114.95 4 34.91.17.240 1613 35.237.191.185 2491 208.76.40.197 # grep "wp-login.php" /var/log/apache2/access.*.log | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 2 31.134.0.15 2 45.133.113.39 2 62.146.228.149 2 77.83.1.115 2 94.154.127.88 3 206.232.0.131 4 195.3.220.7 4 72.167.50.103 11 191.102.132.209 831 208.76.40.197 -
Deux ranges de Google …
- 34.52.128.0/17
- 34.21.128.0/17
# cat /var/log/apache2/error.notes-ssl.log | awk '{print $11}' | sed 's/:/ /g' | awk '{print $1}' | sort -n |uniq -c 151 34.21.238.40 5 34.29.8.182 383 34.52.240.244 1 34.88.199.190 1 35.192.224.81 -
Encore des attaques de Google …
Blocage de 34.6.0.0/16 et 136.107.128.0/17.# grep "xmlrpc.php" /var/log/apache2/access.*.log | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 2 20.3.183.228 4 34.6.41.208 4 34.7.211.197 4 34.90.161.15 74 35.222.153.104 87 34.90.48.51 121 136.112.158.96 121 34.150.145.129 2149 136.107.233.1 5031 34.6.0.214
Bonjour ! Vous semblez intéressé par cette conversation, mais vous n’avez pas encore de compte.
Marre de refaire défiler les mêmes messages ? Créez un compte pour retrouver votre position, recevoir des notifications des nouvelles réponses, sauvegarder vos favoris et voter pour les messages que vous appréciez.
Grâce à votre participation, ce message peut devenir encore meilleur 💗
S'inscrire Se connecter