we have blocked 931487 IP's now.
useful Links
- www.fail2ban.org
- Example Configuration Debian 5
- Example Configuration Debian 6
- The Global Reporting Project
- Example Report (postfix)
- Example Report (ssh, again)
- stopforumspam.com
N e w s:
27.01.2012X-ARF-Validator fixed and online
21.12.2011
since 20.12 T12am, we dont send new reports, because the database field for the report-id was to small. Is now fixed.
03.12.2011
Blocklist is now running on a ex6 and 2 webserver
05.11.2011
The Spamer register Accounts in other Forums and Blogs with @blocklist.de This User/Comments are not from blocklist.de! Please create a Police Report against the spaming IP!
04.11.2011
A Server 178.73.218.201 (wserv201.woodcrane.com) has send over 7000 registrations and a lot of contactforms and creating over 7000 konsole-h-ac counts with @blocklist.de..... The case is open on the police.
04.08.2010
The IP-Lists are now included in www.ipvoid.com.
PC infected / slow?
Our Reporting-Tool.
If you want to use Blocklist.de without Fail2Ban.
Here you can use our X-ARF-Validator -> https://www.blocklist.de/en/xarf-validator.html to check or validate your X-ARF-Reports.
Please contact us and we can report your Fail2Ban-Reports so long our Software Reporting-Tool is not finished for the public using.
We worked on the last Modules whois-parsing and rewrite. When the two Modules are finished, we can start a Beta. Now we can reporting 1.000 Fail2Ban-Mails in 300 Seconds. With Modul DB, ReRePorting, Blackl-/Whitelist (all without ASN), the Time is the same.
The Modul ASN get the AS-Data from cymru.com and needs so (when is activat) for 1.000 Mails over 3.000 Seconds.
You can found our API-Documentaiton under the following link: http://www.blocklist.de/en/api.html
Also you can use our Data via DNS
Howto, Tipps and a ToDo-List are aviable in the Forum under https://forum.blocklist.de.
create Reports without Fail2Ban:
When you dont used Fail2Ban, but a other Software or Script, so you can send us the Attacks as a Mail in the following Format (Body only in Text/Plain):Subject: [Fail2Ban] servicename: banned $ip-address
Body of Mail:
---------------------------------------------
Text....
Here are more information about $ip-address:
Whois-Output, is not required (optional)
Lines containing IP$ip-address:
here the Logfiles (required)
Regards,
Fail2Ban
---------------------------------------------