Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Hack Attempt Script
Author Message
koun
New Member
New Member


Joined: Mar 01, 2004
Posts: 8

PostPosted: Thu May 13, 2004 6:41 am Reply with quote

First of all i wanna say thanks for that great script.

I have a question that has to do with the IPs that the script give as a result.

I try a greek Ip and it gives as result Amsterdam ?
For example 212.251.25.29 is a greek IP that was trying to hack my site but the result from your script was:

Quote:
OrgName: RIPE Network Coordination Centre
OrgID: RIPE
Address: Singel 258
Address: 1016 AB
City: Amsterdam
StateProv:
PostalCode:
Country: NL
 
View user's profile Send private message
sixonetonoffun
Spouse Contemplates Divorce


Joined: Jan 02, 2003
Posts: 2496

PostPosted: Thu May 13, 2004 8:37 am Reply with quote

Its just grabbing what the query from Only registered users can see links on this board! Get registered or login! returns.
What result does searching the IP at Only registered users can see links on this board! Get registered or login! return when you just visit the site and do the search manually?
 
View user's profile Send private message
blith
Client


Joined: Jul 18, 2003
Posts: 977

PostPosted: Thu May 13, 2004 8:44 am Reply with quote

I have a lot of IPs that return that address, even after visiting ARIN and entering it manually. How can we find out where it really is?
 
View user's profile Send private message Visit poster's website
GanjaUK
Life Cycles Becoming CPU Cycles


Joined: Feb 14, 2004
Posts: 633
Location: England

PostPosted: Thu May 13, 2004 8:44 am Reply with quote

I dont think I have ever seen it return anything but Amsterdam.

_________________
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
sixonetonoffun
PostPosted: Thu May 13, 2004 8:49 am Reply with quote

Yeah I get the same result with SamSpade using arins.

NeoTrace does a better job and brings up Greece. This is just a limitation of arins not much we can do about that.
 
Rikk03
Worker
Worker


Joined: Feb 16, 2004
Posts: 164

PostPosted: Thu May 13, 2004 5:05 pm Reply with quote

Is there anyway to block lots of ip addresses ........1000s with ease? Why do i ask, - well if you were not aware, - peerguardian added all of the hackers of the confirmed nuke community (nukecops extensive lists) to their memory sucking semi firewall. A useful tool against hackers.

The relatively new protowall is far better (that can use the same ip list as peerguardian) - blocking 99% of popup ads - if updated regularily. You can do updates with blocklist manager, a program that downloads multiple ip lists from various sources that are maintained by various user groups - resulting in blocking of ads, nuke hackers and most governmental organisations - a result of being a tool of file sharing freaks.

I just wish there was a way to add this list to block these bad users from my remote server! I know about the nukecops script ........does it even still work now the site is being sold?

Any ideas?

Regards

Richard


Last edited by Rikk03 on Thu May 13, 2004 5:14 pm; edited 1 time in total 
View user's profile Send private message
Rikk03
PostPosted: Thu May 13, 2004 5:09 pm Reply with quote

Raven, were you involved in this nukecops project?
 
Rikk03
PostPosted: Thu May 13, 2004 5:12 pm Reply with quote

I guess i could just add the 2092634007 known bad user ips to my htaccess file .......lol
 
sixonetonoffun
PostPosted: Thu May 13, 2004 5:48 pm Reply with quote

lmao Ravens on a trip. I don't believe he had any direct involvment in that project.

I'd be a little afraid of the false pos rate of the script yet. Is the ban based on the html file or csv??? I haven't been over there. I'd think if its in a csv format one could use your favorite (Uses the term loosely) spreadsheet app to import a mass list.
 
sixonetonoffun
PostPosted: Thu May 13, 2004 5:52 pm Reply with quote

I should add in principal I'm a little against an automated banning system that doesn't set a time limit be a day week or month before it removes the ban. But don't tell them let me TM the idea lol first!!!!
 
Rikk03
PostPosted: Thu May 13, 2004 11:45 pm Reply with quote

csv - kinda, and that block list program can convert the layout of the list to suit - export to different firewalls. Its just a question of what is the best layout to work with?
 
sixonetonoffun
PostPosted: Fri May 14, 2004 9:20 am Reply with quote

I dunno how they are doing it at all but I would think it would be easy to make it automatically available to the htaccess or hosts file for people who don't have firewall level access. I think that would be faster and most complete then calling it into the mainfile.php. But I'll just shut up because now we've givin away 2 good ideas wink*

How about you give us a complete review when your up and running?
 
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Fri May 14, 2004 10:55 pm Reply with quote

Rikk03 wrote:
Raven, were you involved in this nukecops project?
Laughing - sure - right Laughing NOT!
 
View user's profile Send private message
Rikk03
PostPosted: Fri May 14, 2004 11:55 pm Reply with quote

Hi Raven,

Good trip?
 
Raven
PostPosted: Sat May 15, 2004 11:06 am Reply with quote

Still in Indiana. Don't know how long. Not a good trip - we have to put my dad in a nursing home next Wednesday Crying or Very sad
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Hack Attempt Script

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©