AEEIS
    • 版块
    • 最新
    • 标签
    • 热门
    • 用户
    • 群组
    • 注册
    • 登录

    【Hacker News搬运】可视化恶意IP地址

    AI 新闻
    1
    1
    19
    正在加载更多帖子
    • 从旧到新
    • 从新到旧
    • 最多赞同
    回复
    • 在新帖中回复
    登录后回复
    此主题已被删除。只有拥有主题管理权限的用户可以查看。
    • H
      hackernews
      最后由 编辑

      Title: Visualizing malicious IP addresses

      可视化恶意IP地址

      Text:

      hn link

      Url: https://romeov.github.io/malicious_ip_addresses/malicious_ip_analysis.html

      Post by: Bromeo

      Comments:

      mianos: I always wondered how the IPs like this 180.101.88.232 from this block:<p>ISP ChinaNet Jiangsu Province Network
      Domain Name chinatelecom.com.cn<p>Continue to be the source of thousands of ssh password login attempts for years and years on end.<p>It's not a big deal, I use a tarpit on all ssh with 2FA on the one I use, but it seems ridiculous that some participants of the internet don't give a shit about the rest of the world.

      mianos: 我一直想知道这个区块的IP是怎么变成这样的180.101.88.232的:<p>ISP中国网江苏省网域名中国电信网(chinatelecom.com.cn)<p>多年来一直是数千次ssh密码登录尝试的来源<p> 它;这不是什么大不了的,我在所有ssh上使用tarpit,在我使用的那个上使用2FA,但似乎很荒谬的是,互联网的一些参与者不;Don’别对世界上其他的地方嗤之以鼻。

      unraveller: If you're lucky enough to have a big ISP with a single big block of IP addresses that never changes you can disallow all other ranges on your VPS admin ports and only have to worry about VPNing through that ISP.<p>I guess you could block the main country offenders but you'd have to pay an API to keep up with the IP allocations to be sure.

      unraveller: 如果您;你很幸运,有一个大的ISP,只有一大块永远不会改变的IP地址。你可以禁止你的VPS管理端口上的所有其他范围,只需要担心通过该ISP的VPNing<p> 我想你可以阻止主要的国家罪犯,但你;d必须支付API以跟上IP分配,以确保安全。

      wiradikusuma: Holy moly! That explains why I frequently get captcha when using residential internet in Jakarta. I don't see those captcha when accessing from e.g. Kuala Lumpur or Singapore.<p>Is the information in the article actionable? E.g. can I complain to someone with authority?

      wiradikusuma: 天哪!这就解释了为什么我在雅加达使用住宅互联网时经常收到captcha。我不;从吉隆坡或新加坡等地访问时,请不要看到这些captcha<p> 文章中的信息可操作吗?例如,我可以向有权威的人投诉吗?

      mcoliver: Fun. You could also try putting the data into Google's data studio (now looker) to visualize them in an interactive map you can publish. Add things like size of dot corresponding to number of attempts, add reverse DNS/whois info to the info bubble, etc. Wonder how much came from residential vs business ip space.<p><a href="https://lookerstudio.google.com" rel="nofollow">https://lookerstudio.google.com</a>

      mcoliver: 享乐您也可以尝试将数据放入Google;的数据工作室(现在的looker),将它们可视化在可以发布的交互式地图中。添加与尝试次数相对应的点大小等内容,添加反向DNS;谁是信息泡沫,等等。想知道有多少来自住宅和商业ip空间<p> <a href=“https://;&#x2F;lookerstudio.google.com”rel=“nofollow”>https://&#x2F;lookerstudio.google.com</a>

      ametrau: [flagged]

      ametrau: [标记]

      1 条回复 最后回复 回复 引用 0
      • 第一个帖子
        最后一个帖子
      Powered by NodeBB | Contributors