This is just the 1000 last lines of my nginx log
Stuff that’s good:
- fail2ban + AbuseIPDB API
- ssh: + endlessh
- iocaine
Just for reference, my abuseipdb stats.
Edit: added iocaine link
I’m struggling to find iocaine - what is it?
Odorless, tasteless, and dissolves instantly in liquid and is among the more deadly poisons known to man.
Oops, forgot that its name is literally ripped from a well-known book-thing, so search results won’t be good. So here’s the link: https://iocaine.madhouse-project.org/
- fail2ban + AbuseIPDB API
What are you using to view this? Nushell?
You can put fail2ban to look for specific keywords and ban them if they keep trying. I did that a while back and my servers are in a much better spot. IP black/block lists also help.
One crowdsec instance later the scan connections went down to not a lot.
I’m curious how much those blacklists change over time
That’s from my webserver, green is community, yellow is local.
