wdes/security
1
0
Fork 0
Code Actions Packages Releases Activity
332 Commits 1 Branch 4 Tags
b6df40fbc3d1f3b5fa65c8f9fadb278c4f4ddaa7
Commit Graph

15 Commits

Author SHA1 Message Date
William Desportes
0cd0a54bee Add new bad IPs 2024-03-06 12:49:43 +01:00
William Desportes
46dd6c9b38 Add new bad IPs 2023-10-06 11:01:09 +02:00
William Desportes
db72705104 Add more bad IPs that tried to login to email services 
Logs:
    300 91.224.92.110
     51 141.98.10.132
     50 141.98.11.53
     48 141.98.11.84
     48 141.98.10.131
     47 141.98.11.67
     46 185.36.81.58
     45 141.98.11.52
     22 141.98.11.83
     20 112.199.95.199
     16 141.98.10.150
 2023-09-08 10:57:15 +02:00
William Desportes
b009965eb1 Add more scanners, adding the full /24 since most IPs are very bad: https://www.abuseipdb.com/check-block/205.210.31.0/24 2023-08-13 12:06:13 +02:00
William Desportes
5a6c207c42 [data] Add one more IP trying weird stuff and 100% score on AbuseIP DB 2023-08-06 14:23:02 +02:00
William Desportes
942723146c [data] Add one more IP trying weird stuff and 100% score on AbuseIP DB 2023-08-06 13:56:53 +02:00
William Desportes
c3ae00f037 Add more bad IPs 
IP(50): 141.98.11.53 - 141.98.8.0 - 141.98.11.255 : LT-HOSTBALTIC-20190110
IP(51): 141.98.10.132 - 141.98.8.0 - 141.98.11.255 : LT-HOSTBALTIC-20190110
IP(72): 154.127.53.41 - 154.33.0.0 - 155.3.255.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
IP(78): 85.215.94.1 - 85.214.0.0 - 85.215.255.255 : DE-TECT-20050224
IP(90): 45.146.55.231 - 45.146.55.0 - 45.146.55.255 : VCUS-45-146-55-0
IP(126): 185.241.208.53 - 185.241.208.0 - 185.241.211.255 : NL-LEGACO-20180116
IP(132): 189.177.186.233 - 189.0.0.0 - 190.92.167.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
IP(138): 218.85.202.248 - 218.0.0.0 - 220.158.195.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
IP(150): 103.139.45.73 - 103.85.36.0 - 103.192.159.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
IP(460): 20.78.36.222 - 14.102.240.0 - 23.19.47.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
IP(556): 201.103.117.233 - 201.49.192.0 - 201.148.167.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
IP(1703): 141.98.10.150 - 141.98.8.0 - 141.98.11.255 : LT-HOSTBALTIC-20190110
IP(5136): 80.94.95.206 - 80.94.95.0 - 80.94.95.255 : BT-HOSTER

NET(1): 14.102.240.0 - 23.19.47.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK -> ["20.78.36.222"]
NET(1): 45.146.55.0 - 45.146.55.255 : VCUS-45-146-55-0 -> ["45.146.55.231"]
NET(1): 80.94.95.0 - 80.94.95.255 : BT-HOSTER -> ["80.94.95.206"]
NET(1): 85.214.0.0 - 85.215.255.255 : DE-TECT-20050224 -> ["85.215.94.1"]
NET(1): 103.85.36.0 - 103.192.159.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK -> ["103.139.45.73"]
NET(1): 154.33.0.0 - 155.3.255.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK -> ["154.127.53.41"]
NET(1): 185.241.208.0 - 185.241.211.255 : NL-LEGACO-20180116 -> ["185.241.208.53"]
NET(1): 189.0.0.0 - 190.92.167.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK -> ["189.177.186.233"]
NET(1): 201.49.192.0 - 201.148.167.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK -> ["201.103.117.233"]
NET(1): 218.0.0.0 - 220.158.195.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK -> ["218.85.202.248"]
NET(3): 141.98.8.0 - 141.98.11.255 : LT-HOSTBALTIC-20190110 -> ["141.98.11.53","141.98.10.132","141.98.10.150"]
 2023-07-15 15:38:46 +02:00
William Desportes
eea32de73a Add more bad IPs 2022-12-09 23:45:03 +01:00
William Desportes
27dfddaef0 Add new bad IPs from crowdsec alerts list for emails 2022-11-21 21:40:30 +01:00
William Desportes
984627f4c6 Add more hacking emails IPs 2022-11-12 19:08:57 +01:00
William Desportes
c73ab8e070 Add more attacking IPs 
Most for postfix attacks majority are postscreen-rbl
 2022-11-12 18:56:37 +01:00
William Desportes
bf18ac538f Remove duplicates 2022-11-07 15:02:10 +01:00
William Desportes
c2e40487df Add more bad IPs that did more than 10 attacks found in my logs 
IP(11): 94.46.179.75
IP(14): 5.34.207.243
IP(20): 60.167.113.234
IP(20): 114.102.34.118
IP(20): 114.99.130.40
IP(20): 212.192.219.146
IP(20): 223.240.209.152
IP(21): 60.167.53.218
IP(21): 117.64.225.169
IP(21): 117.68.193.203
IP(21): 185.225.73.88
IP(31): 81.161.229.108
IP(31): 185.128.27.106
IP(42): 94.46.179.80
IP(43): 34.64.224.143
IP(57): 2.58.46.138
IP(69): 77.81.139.90
IP(72): 20.125.124.9
IP(72): 143.198.18.3
IP(76): 5.253.204.58
IP(82): 156.96.119.125
IP(90): 20.41.119.26
IP(110): 5.34.207.171
IP(112): 5.34.207.157
IP(113): 5.34.207.187
IP(119): 93.177.75.74
IP(136): 176.111.173.26
IP(150): 185.104.186.2
IP(194): 5.34.207.248
IP(383): 5.34.207.242
IP(386): 5.34.207.237
IP(388): 5.34.207.234
IP(423): 52.165.31.20
IP(503): 45.95.243.8
IP(557): 194.165.16.67
IP(588): 103.153.79.225
IP(614): 5.34.207.152
IP(1775): 141.98.11.17
IP(2120): 141.98.10.194
IP(2455): 141.98.10.108
IP(2467): 141.98.10.81
IP(2485): 91.224.92.110
IP(2505): 141.98.11.37
IP(2554): 45.125.65.37
IP(2701): 141.98.11.112
IP(2702): 141.98.10.84
IP(2727): 45.125.66.22
IP(2741): 45.125.65.159
IP(2767): 141.98.11.119
IP(2798): 141.98.11.81
IP(2798): 141.98.11.74
IP(2812): 141.98.10.24
IP(2816): 45.125.66.24
IP(2816): 141.98.11.113
IP(2818): 45.125.66.55
IP(2830): 141.98.11.51
IP(2848): 141.98.10.27
IP(2860): 141.98.10.70
IP(2869): 141.98.11.75
IP(2878): 141.98.10.203
IP(2899): 141.98.11.19
IP(2902): 141.98.10.217
IP(2908): 141.98.11.95
IP(2959): 141.98.10.82
IP(8585): 5.34.207.172
IP(9417): 5.34.207.116
IP(10728): 5.34.207.48
IP(11617): 87.246.7.75
IP(54742): 5.34.207.225
 2022-11-07 14:56:50 +01:00
William Desportes
72324ebe39 Add more bad IPs: 
Reasons:
212.70.149.71
EMAIL SPAM
45.141.101.215
EMAIL SPAM [RU]
212.70.149.72
EMAIL SPAM [GB]
23.94.218.159
EMAIL SPAM [USA]
5.34.207.225
EMAIL AUTH HACKS
103.153.79.225
EMAIL AUTH HACKS [Vietnam]
5.34.207.48
EMAIL AUTH HACKS
87.246.7.75
EMAIL AUTH HACKS
141.98.11.81
EMAIL AUTH HACKS
87.246.7.75
HIGH EMAIL AUTH HACKS
141.98.11.81
EMAIL AUTH HACKS
114.102.34.118
EMAIL AUTH HACKS [CN]
103.153.79.225
EMAIL AUTH HACKS
194.165.16.67
EMAIL AUTH HACKS
45.95.243.8
EMAIL AUTH HACKS
52.165.31.20
EMAIL AUTH HACKS
185.104.186.2
EMAIL AUTH HACKS
176.111.173.26
EMAIL AUTH HACKS
93.177.75.74
EMAIL AUTH HACKS
176.59.7.53
WTF ??
217.66.157.45
Strange port scans
209.142.101.67
Strange try to access port 17843
2.185.78.229
Strange port scans
20.29.94.192
EMAIL AUTH HACKS
 2022-11-07 14:47:44 +01:00
William Desportes
f445a46381 Add bad-ips 
Reason for : 2.57.122.118
- wdes/dovecot-pop3-plain-login
 2022-11-07 14:39:50 +01:00