Sunday 20 February 2011

Name and shame

My computer sits on the net full time in the DMZ of my network. For years its been setup this way and of course I have a LOT of attempts to hack in.
I eventually thought I would setup a new way of logging these attempts but wanted a more public listing of them. Thats when I came up with my twitter idea.
The plan, collect all these attempts and send them to a feed on twitter in real-time. Once the feed is working correctly, write a daemon to monitor the feed and plug it back into /etc/host.deny......
So my initial work is done and via a few Perl scripts I send it out to  https://twitter.com/breakinlog. It is now very surprising how many hacking attempts are made on my computer, 9602 since the beginning of the year. Also surprising is that I have maintained 10 followers (turn over is about 10/month) for the 6 months of the project so far.
People will follow anything, even auto generated logging.....
So where to now?  Writing the client side scripts to watch the feed :)

No comments:

Post a Comment