Blocage du jours
-
Encore des attaques de Google …
Blocage de 34.6.0.0/16 et 136.107.128.0/17.# grep "xmlrpc.php" /var/log/apache2/access.*.log | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 2 20.3.183.228 4 34.6.41.208 4 34.7.211.197 4 34.90.161.15 74 35.222.153.104 87 34.90.48.51 121 136.112.158.96 121 34.150.145.129 2149 136.107.233.1 5031 34.6.0.214 -
# grep "wp-login.php" /var/log/apache2/access.*.log | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 4 89.251.0.173 4 89.251.0.178 4 89.251.0.183 4 91.98.140.41 5 84.246.215.129 6 192.250.239.252 9 66.29.156.133 10 168.63.79.147 14 209.42.20.53 1707 129.212.238.200 -
# grep "xmlrpc.php" /var/log/apache2/access.*.log | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 3 74.208.212.238 4 34.90.161.15 6 62.164.177.223 26 62.164.177.224 54 62.164.177.222 110 35.202.159.4 121 136.112.204.59 404 34.21.18.152 1141 35.205.209.104 3446 219.152.63.187 -
J’ai ouvert un ticket chez Google … Ticket Reference ID: YRC5QRVIEEOXATF2QPMTLWG2JE .
A suivre. -
# grep "xmlrpc.php" /var/log/apache2/access.*.log | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 1 194.5.48.130 1 203.25.124.15 1 203.25.124.203 1 203.25.124.222 1 212.32.76.59 2 108.137.8.107 2 36.212.183.29 2 84.17.43.213 4 34.141.187.11 4500 162.243.212.182 -
Aie …
# grep "xmlrpc.php" /var/log/apache2/access.*.log.1 | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 4 194.5.48.130 4 36.212.183.29 4 84.17.43.213 8 34.141.187.11 8 34.158.89.172 8 34.32.236.161 242 136.113.189.75 242 34.121.222.169 242 34.31.215.6 9000 162.243.212.182 -
Taille actuelle :
# du -sh /etc/pve/firewall/cluster.fw 72K /etc/pve/firewall/cluster.fw # wc -l /etc/pve/firewall/cluster.fw 30886 /etc/pve/firewall/cluster.fw -
Encore attaque via Google .
# zgrep "xmlrpc.php" /var/log/apache2/access.*.log | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 1 194.5.48.104 1 194.5.48.109 1 194.5.48.159 1 194.5.48.162 1 219.136.244.21 1 219.136.244.38 2 192.42.116.15 3 194.5.48.118 3 194.5.48.132 3396 34.158.164.29 -
Comme toujours Google LLC : https://ipinfo.io/8.231.242.192?lookup_source=search-bar
# zgrep "xmlrpc.php" /var/log/apache2/access.*.log | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 1 146.70.40.70 1 159.223.43.16 1 194.5.48.114 1 194.5.48.138 2 194.5.48.180 2726 8.231.242.192 -
Comme toujours Google LLC : https://ipinfo.io/34.158.164.29?lookup_source=search-bar
# zgrep "xmlrpc.php" /var/log/apache2/access.*.log.1 | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 2 194.5.48.167 2 194.5.48.170 2 194.5.48.173 2 219.136.244.21 2 219.136.244.38 4 192.42.116.15 6 194.5.48.118 6 194.5.48.132 8 34.141.187.11 6792 34.158.164.29 -
Aspiration de mon GIT par 39.100.0.0/14 … Hangzhou Alibaba Advertising Co.,Ltd.
Utilisaton de 1235 IP différentes afin de ne pas être bloqué.
Du beau travail … -
2# zgrep "xmlrpc.php" /var/log/apache2/access.*.log | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 1 194.5.48.147 1 194.5.48.152 1 194.5.48.155 1 84.17.60.236 1 95.91.239.129 4 34.141.193.233 4 34.32.178.242 4 34.34.43.119 2314 136.111.202.87 16265 152.42.253.231Blocage de 152.42.240.0/20 : Digital Ocean.
Blocage de 136.111.0.0/16 : Google LLC. -
91.92.40.173 | Hopel, AS197170, VPN Not Detected
Get Details for IP 91.92.40.173: Hosted by TechTies Inc., located in Hopel, AS197170. View ranges, ASN info, and related IPs.
(ipinfo.io)
Blocage de 91.92.40.0/24
# grep "wp-login.php" /var/log/apache2/access.*.log | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 2 207.246.106.68 2 213.128.70.19 2 217.160.212.27 2 45.198.224.5 2 68.183.22.192 3 188.240.191.168 4 104.37.86.14 4 162.254.36.150 5 103.13.112.90 1288 91.92.40.173 -
157.245.57.78 | Singapore, AS14061, VPN Not Detected
Get Details for IP 157.245.57.78: Hosted by DigitalOcean, LLC, located in Singapore, AS14061. View ranges, ASN info, and related IPs.
(ipinfo.io)
# zgrep "xmlrpc.php" /var/log/apache2/access.*.log | sed 's/:/ /g' | awk '{print $2}' | sort -n | uniq -c | sort -n | tail -10 405 45.91.22.64 408 45.91.22.77 413 45.91.22.95 418 45.91.22.62 420 45.91.22.68 420 45.91.22.97 422 45.91.22.59 426 45.91.22.75 431 45.91.22.65 15224 157.245.57.78
Bonjour ! Vous semblez intéressé par cette conversation, mais vous n’avez pas encore de compte.
Marre de refaire défiler les mêmes messages ? Créez un compte pour retrouver votre position, recevoir des notifications des nouvelles réponses, sauvegarder vos favoris et voter pour les messages que vous appréciez.
Grâce à votre participation, ce message peut devenir encore meilleur 💗
S'inscrire Se connecter