I am curious about other peoples' experiences dealing with bots and w has worked and what hasn't worked. If I understand the Mystic bot checker, it requires callers to press a specific key (usually Esc) within some time after connecting, and before presenting the login
Sounds very interesting, the extra features sound awesome. Looking forward to hearing more!
The bots sure are tenacious! I have been logging attempts to connect,
to see the default credentials being tested, and use these as keywords
to identify bots - for example, if someone connects and the first thing they type is 'root' - that's a bot. That triggers a temporary IP ban (which extends in duration each time it is triggered), which has worked well.
In the past couple weeks, 42 different times the IP 190.211.255.106 connected to me and was banned. The same IP connected another 141 times while banned.
5 different times the IP 153.0.123.152 connected to me and was banned. The same IP connected another 1248 times while banned!
I've had 2345 unique IPs trigger bans in the past month or so. It's at least kinda interesting to study. :)
Chris/akacastor
Sysop: | Gary Ailes |
---|---|
Location: | Pittsburgh, PA |
Users: | 132 |
Nodes: | 5 (0 / 5) |
Uptime: | 196:30:28 |
Calls: | 733 |
Files: | 2,171 |
Messages: | 81,876 |