I'm workin an a HTBH (Honeypot Triggered Blackhole) project. Got the idea that honeypot traffic is non customer traffic and thus could be used to temp blackhole traffic on the border routers from originating IP's. This could also be used here. But it's still in design phase..
Ruben - ON3RVH
On 30 Apr 2017, at 15:22, lleachii--- via 44Net 44net@hamradio.ucsd.edu wrote:
(Please trim inclusions from previous messages) _______________________________________________ Brian,
That is rather odd that someone had the URL before it left your mind (and server)...the few hits you saw from me were to check if directory browsing is disabled.
Chris,
Do you run anything else on that server? Basically, I'm asking...is the only thing of value to a hacker on that device the data that comprises The Portal...?
Marc,
Sharing lists may be a solution. I may be willing to make my netflow available. In principal, I stopped blocking IPs and blocs in 2013 or 2014. It's become easier to generally firewall and monitor the various protocols/ports they're randomly trying to access. This is more so necessary in the ecosystem of the Internet of Things, where a device in Country A can infect a device in Country B, and spread to Countries C ad infinitum.
73,
- Lywnood
KB3VWG _________________________________________ 44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net