286
edits
Changes
Jump to navigation
Jump to search
Line 43:
Line 43: + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
→Analyses and Diagnostics
3568 www.domain3.de
3568 www.domain3.de
..
..
</pre>
==== Analyse Spam Bots ====
get IP Adresses from Spambots (here xovibot) to update the Firewalls
do:
<pre>
sudo cat /var/log/apache2/access.log|grep xovibot.net| awk '{ print $2 }' | sort | uniq -c | sort -n > x.log
</pre>
System Echos:
<pre>
46 212.224.119.143
52 185.53.44.101
54 212.224.119.140
59 185.53.44.104
62 212.224.119.142
71 185.53.44.102
75 185.53.44.103
80 185.53.44.67
80 212.224.119.141
83 185.53.44.68
87 185.53.44.43
...
</pre>
manual update to ufw firewall (can be done automatic too, but can take you offline for search engines if the do 404)
do:
<pre>
$sudo ufw insert 1 deny from 185.53.44.0/24 to any # insert rule
$sudo service ufw force-reload # force update firewall
$sudo ufw status numbered # test status
</pre>
</pre>