Archive for March, 2007

w00tw00t.at.ISC.SANS.DFind

Well, I've been having this problem for a long time, with script kiddies trying to run scans on my server with DFind (http://class101.org).

These are some of these requests from the Apache server logs:

/var/log/httpd/access_log.2:80.237.172.185 - - [05/Mar/2007:09:20:47 -0800] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 299 "-" "-"
/var/log/httpd/access_log.2:83.71.188.242 - - [05/Mar/2007:16:25:40 -0800] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 299 "-" "-"
/var/log/httpd/access_log.2:213.254.226.49 - - [06/Mar/2007:05:11:47 -0800] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 299 "-" "-"
/var/log/httpd/access_log.2:216.30.246.14 - - [09/Mar/2007:08:56:12 -0800] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 299 "-" "-"
/var/log/httpd/access_log.3:80.237.211.76 - - [25/Feb/2007:07:46:16 -0800] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 299 "-" "-"
/var/log/httpd/access_log.3:83.71.188.242 - - [25/Feb/2007:17:51:23 -0800] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 299 "-" "-"
/var/log/httpd/access_log.3:80.237.172.185 - - [27/Feb/2007:05:42:20 -0800] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400

 

All this while I've been lazy :D, but today I felt like trying something to fix it. What I've come up with is this:

grep "w00tw00t" /var/log/httpd/access_log*|awk '{print $1}'|sed 's/\(.*\)://g'|sort|uniq|cat /etc/apf/deny_hosts.rules -|sort|uniq

 

This is one of the things I wrote to get the list of all IPs from the Apache access logs that have been running these scans. The purpose of this is to feed these IPs to APF (http://www.rfxnetworks.com/apf.php); the output of this is pumped to /etc/apf/deny_hosts.rules to block any of these lamers from further accessing my server ^_^

The only problem is that, for some strange reason, I couldn't pipe the output of the command directly to /etc/apf/deny_hosts.rules. The file always ended up with the output of "grep "w00tw00t" /var/log/httpd/access_log*|awk '{print $1}'|sed 's/\(.*\)://g'|sort|uniq". Well, maybe I'll figure it out sometime later. SLEEPP!! awaits!!
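An added example, not the author's code: appending `> /etc/apf/deny_hosts.rules` to the pipeline makes the shell truncate that file before `cat` reads it, which leaves only the grep output. The sketch below merges through a temporary file instead; the function names, the IPv4 filter and the sample addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not the post's code). Redirecting the pipeline with
# "> deny_hosts.rules" truncates that file before "cat deny_hosts.rules -"
# reads it, so only the grep output survives. Merge via a temp file instead.

# scanner_ips LOGFILE... : unique client IPs that sent the DFind probe.
scanner_ips() {
    # -h drops the "filename:" prefix grep adds for multiple files (no sed
    # needed); awk keeps field 1 only when it looks like an IPv4 address.
    grep -hF 'w00tw00t' "$@" |
        awk '$1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ {print $1}' |
        LC_ALL=C sort -u
}

# merge_deny DENYFILE LOGFILE... : add scanner IPs to DENYFILE, no duplicates.
merge_deny() {
    deny=$1; shift
    tmp=$(mktemp "${deny}.XXXXXX") || return 1
    # Old entries plus new IPs go to the temp file, never straight to $deny.
    if { cat "$deny" 2>/dev/null; scanner_ips "$@"; } | LC_ALL=C sort -u > "$tmp"
    then mv "$tmp" "$deny"      # swap in only after the merge is complete
    else rm -f "$tmp"; return 1
    fi
}

# Demo on constructed data in a scratch directory (addresses are made up).
demo() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' \
      '203.0.113.7 - - [05/Mar/2007:09:20:47 -0800] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 299 "-" "-"' \
      '198.51.100.9 - - [05/Mar/2007:09:21:02 -0800] "GET /index.html HTTP/1.1" 200 512 "-" "-"' \
      > "$dir/access_log.1"
    printf '%s\n' \
      '192.0.2.44 - - [06/Mar/2007:05:11:47 -0800] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 299 "-" "-"' \
      > "$dir/access_log.2"
    printf '192.0.2.1\n203.0.113.7\n' > "$dir/deny_hosts.rules"   # existing list
    merge_deny "$dir/deny_hosts.rules" "$dir"/access_log.*
    cat "$dir/deny_hosts.rules"
    rm -rf "$dir"
}
demo
```

On the server from the post the call would be `merge_deny /etc/apf/deny_hosts.rules /var/log/httpd/access_log*`, run as root. `mktemp` creates its file with mode 0600, and that mode carries over to the replaced deny file.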

Django for Python

Django is a web framework similar to Rails for Ruby. I've not worked on Rails much though, but my friend Vivek seems to be the "GURU" of Rails =), but when he mentioned Django I just wanted to give it a try. From what I can say, Django has been a no-pain, all-gain framework. Easy to set up and code. In the world of Web 2.0, isn't that what we want? I had an old friend who once said "Good Programmers are Lazy Programmers". I still remember your words, hats off to you Jacob! That said, Django is pretty easy to get things started with. I won't start with providing a tutorial for it; the site already has a great set of tutorials. You can also check out www.djangobook.com, which is a book in the making for Django. One other interesting thing to check out is a video on Django at http://video.google.com/videoplay?docid=-70449010942275062&q=Django

If you have trouble figuring out Django, you can also drop in at the IRC channel #django at irc.freenode.net.

Well, that's it from me for a while. I've been feeling lazy lately :b

My very own 360°s

I finally got my XBOX 360, without a doubt the best console eva!

Mmm, what have I been playing?

  • Project Gotham Racing III (aka PGR III)
  • Dead or Alive 4
  • Crackdown
  • GRAW 2
  • Burnout Revenge
  • Kameo
  • Gears of War (My Favourite) :b
  • Ninety-Nine Nights

And now my very own gamecard, though I am still a n00b :(