
1327681194
But ... it works on IPduh Search
n:~#cat get-webscanners.sh #!/bin/bash #find web-scanning kiddies, g0 2011 #good chance to practice my Spanish counting skills CERO='phpMyAdmin-2.2.6' UNO='phpMyAdmin-2.2.3' DOS='webadmin' TRES='sqlmanager' CUATRO='phpMyAdmin-2.8.1-rc1' CINCO='databaseadmin' SEIS='scripts/setup.php' SIETE='/phpmyadmin/scripts/setup.php' OCHO='/php-my-admin/scripts/setup.php' NUEVE='/p/m/a/scripts/setup.php' LOG="./apache.log" #hits,IP address list DUMMIES="./dummies.ip" #hits,url to more info about the IP address DIPHTM="./dummies.htm" cat $LOG | egrep "$CERO|$UNO|$DOS|$TRES|$CUATRO|$CINCO|$SEIS|$SIETE|$OCHO|$NUEVE" | awk '{print $1}' | sort | uniq -c | sort -nr | awk '{print $1","$2}' > $DUMMIES cat $DUMMIES | awk -F"," '{print $1",<a href=http://ipduh.com/ip/?"$2">"$2"</a>
"}' > $DIPHTM
n:~$./get-webscanners.sh n:~$cat dummies.ip |wc -l 59 n:~$cat dummies.ip 210,69.90.135.132 152,81.91.214.93 107,212.116.138.195 103,72.167.39.179 ... 1,
n:~$cat -n dummies.ip 1 210,69.90.135.132 2 152,81.91.214.93 3 107,212.116.138.195 4 103,72.167.39.179 5 103,216.13.56.89 ... 32 10,188.138.92.62 ... 59 1, n:~$for i in `cat dummies.ip |head -32|awk -F"," '{print $2}'`;do iptables -A INPUT -s $i -j DROP;iptables -A OUTPUT -d $i -j DROP;done
n:~#whois -h whois.arin.net "n 2001:500:1::dead:beef"
n:~#whois -h whois.arin.net "n + 2001:500:1::dead:beef"
n:~#cat ./apache.log |head -1 192.0.2.4 - - [27/Apr/2011:17:51:21 +0200] "GET / HTTP/1.1" 200 2150 "-" "funky browser"
n:~#cat ./apache.log | awk '{print $1}' | sort | uniq -c | sort -nr | awk '{print $1",<a href="http://ipduh.com/ip/?$2">"$2"</a> "}' > ip.htm
root@n:~# named-checkzone -d zone.example.com /PATH/db.zone.example.com