blog

Ubuntu UFW script to block failed auth attempts

Posted on

I whipped this up (and it’s not sexy) to block failed authentication attempts on a few POSTFIX servers I manage.  I might use fail2ban if things get out of hand but currently the server just has UFW (Uncomplicated FireWall) that’s built into the Ubuntu OS. #!/bin/bash # Get all the authentication failures from the mail […]

blog

TLD blocking in POSTFIX MTA

Posted on

I was looking at how how I might block TLD’s (Top Level Domains) with the POSTFIX MTA and I couldn’t do it using a pcre table – most of the stuff I found used pcre.  When I did an apt-get to install it on my Ubuntu Mail Server it wanted to uninstall and upgrade a […]

blog

CPanel firewall-d ports

Posted on

I’ve read all over the Interwebs about firewalld and everyone makes it so complicated…in a way. I use firewalld on my CentOS servers which many run CPanel.  I had a problem with cphulk today and I accidentally rebooted it (ctrl + alt + del crap on a VM with a keyboard snafoo…fat finger…ugh!). So two […]

blog

Nexeon! That’s what I’m talk’in BOUT!

Posted on

I emailed the Nexeon abuse email today and this is their reply! Hello, The client who had this range with us has had their account terminated and has been marked on a shared list between many hosting companies as an abusive user. We thank you for your report and apologize for any inconvienances caused by […]

blog

No wonder the hackers are winning!

Posted on

I put in an abuse report a moment ago with a company named QuadraNet: I put this down for a while and had to come back to it, it’s been several day snow and I still haven not heard back.  Here is their auto responder to my inquiry about abuse:   Your abuse report has […]

blog

Review your logs!

Posted on

Reviewing your logs sounds boring but it’s a necessity.  You can easily have an ssh session open in a small putty window while tailing a log while doing other work and if you glance at it once in a while you might see interesting things. For example, hacker losers of the world like to dump […]

blog

TLD block how to on CPanel & why it matters

Posted on

TLD – that means “Top Level Domain” like .com, .net, .edu, and the like…all TLD’s we’re familiar with.  In their infinite wisdom ICAAN started allowing anyone and their brother with $100k to make their own (partly a money grab, partly needed with IPv6’s expansion of available IP’s on the interwebs). This means TLD’s are ever […]

blog

Sharing is caring – useful IPs and scripts

Posted on

Tired of the hacker losers ruining your day? Out of the kindness of my heart…from me to you…from Whackers for hackers to your firewall with love and butterfly kisses…here’s my IP blocks that I’m using on my web server.  Be aware this currently blocks: Networks: (Thanks to: ipdeny.com) <– individual lists available there.  (Update:  The […]

blog

Hacker Bots

Posted on

Hacker bots are irritating.  A web server or some other server online gets hacked, malware gets installed and suddenly the server starts attacking other servers. Here’s an example of a “POST” to jam in WordPress logon credentials, a.k.a “Brute Force” your logon: 124.123.76.91 – – [11/Aug/2016:16:30:48 -0400] “POST /wp-login.php HTTP/1.1″ 200 1571 “-” “Mozilla/5.0 (Windows […]

blog

Brute Force Losers

Posted on

Brand new hacker loser testing the tripwire.  I think things are heating up with me blabbing about taking it to the hacker losers.  They are attacking my website by name LOL.  Bring it on hacker losers.  I will contact every $&%^#@’ing ISP on the planet as I see you and report you.  You harass me […]

blog

fregat.ua – GOOD Ukranian ISP!

Posted on

I had this abuse report less than 1 hour went by and it was taken care of.  You can’t even get that in the %$&@’ing USA!  Thank you to Alex Tokarchuk who’s information was accurate on the whois lookup with respect to the abuse@ email. Submitted abuse report to Alex: Hi, Abuse, they are trying […]

blog

Endurance International Group, Inc – hacker hosting! (BlueHost + HostGator + more…)

Posted on

Are you ready for Internet scandal, intrigue and corruption like you haven’t read about before?!  Buckle up…here we go! I blogged about that stupid website a while back that was phishing for Google accounts:  http://torresramos.com.mx/article/index.php (read about it here) I’ve been trying to get it shut down for the past 2 weeks.  What’s annoying is […]

blog

Hacked GMail

Posted on

Oh goodie!  A new tactic by the loser hackers!  Although all our firewalls by default block IP’s located in the country of Mexico THAT’S NOT ENOUGH! This hacker hacked a GMail account > then sent a PDF attachment with a “button” that had a link in it.  That link takes you to a URL of:  […]