 The Following Takes Place On 13:49:22
CURRENT LISTAs time has not allowed me to fully maintain the bruteforce list, I offer you the following sources for up to the minute information:
Thanks to those who assisted me with contacting administrators of some of these machines in hopes of cleaning them up. Dave @ REN-ISAC, Gadi Evron, the botnet list members, some NANOG and UNISOG members. Wish I could have maintained this list, but I've felt as most people have turned a blind eye to the filth on their networks. Thanks to those who continue to work on cleaning up shop, I really wish I had time for it all. If you're looking for sharpener, its still here and in use sort of... I've modified it to cull Project Honeypot, Atlas and danger.rules and compile a list of the worst of the worst. If anyone is interested in the script shoot me off an email. But if you're simply looking for an automated list compiled from the above sources, you can gleen this culprits by clicking here. To automate iptable rules using awk and cron you can try something like:
wget -qO - infiltrated.net/blacklisted|\
grep -vi [aA-zZ]|awk '{print "iptables -A BLACKLISTED -s "$1" -i eth0 -j DROP"}'|grep -v " \-s \-i "
Remember to do iptables -N BLACKLISTED first in case the rules are overwhelming, you can flush them out with iptables -F BLACKLISTED.This list will be active since it is automated but I will not be parsing out which networks are doing what nor contacting anyone any longer.
/ sil
echo "contact" ; wget -qO - http://www.infiltrated.net/pimp|\ ruby -lne 'puts STDIN.readlines.reverse!.slice(0,2).reverse!;#sucker'|\ perl -p -e 's/[0-9]//g;s/X/ /g'|\ ruby -pe '$_ = $_.chomp + " " + gets if $. % 2' |