[phpBB Debug] PHP Notice: in file [ROOT]/includes/functions_content.php on line 77: Array to string conversion
[phpBB Debug] PHP Notice: in file [ROOT]/includes/functions_content.php on line 77: Undefined variable: Array
[phpBB Debug] PHP Notice: in file [ROOT]/includes/functions_content.php on line 77: Array to string conversion
[phpBB Debug] PHP Notice: in file [ROOT]/includes/functions_content.php on line 77: Undefined variable: Array
[phpBB Debug] PHP Notice: in file [ROOT]/includes/functions_content.php on line 77: Array to string conversion
[phpBB Debug] PHP Notice: in file [ROOT]/includes/functions_content.php on line 77: Undefined variable: Array
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4781: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3907)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4783: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3907)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4784: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3907)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4785: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3907)
forum.blocklist.de • View topic - Angriffe über die http-API reporten

  • Advertisement

Angriffe über die http-API reporten

Anleitungen zu Fail2Ban, blocklist.de und x-arf

Angriffe über die http-API reporten

Postby Martin » 17. Apr 2013, 23:09

Mfg Martin
http://www.blocklist.de/de/ Fail2Ban Reporting Service
User avatar
Martin
 
Posts: 397
Joined: 14. Sep 2010, 11:54

Re: Angriffe über die http-API reporten

Postby Django » 19. Jun 2014, 12:13

HI Martin,

Ich wärm' das hier mal auf. ;) Ist diese "neue Seite" schon fertig? Oder anders gefragt, hast Du da ein paar Beispiele bzw. 'ne Anleitung/How2 fertig?


ttyl
Django
Django
 
Posts: 11
Joined: 11. Jun 2014, 14:50
Location: dahoam

Re: Angriffe über die http-API reporten

Postby Martin » 19. Jun 2014, 15:34

Hi Django,

leider nein. Das ist bei mir eingeschlafen/vergessen.
Ich werde am Wochenende an der Seite weiter schreiben.
Sorry!
Mfg Martin
http://www.blocklist.de/de/ Fail2Ban Reporting Service
User avatar
Martin
 
Posts: 397
Joined: 14. Sep 2010, 11:54

Re: Angriffe über die http-API reporten

Postby Django » 21. Jun 2014, 20:09

HI Martin!

Hey, nur keinen Streß, ich bin nur auf der Suche nach Informationen wie ich fail2ban dazu bewege, die http-API zu verwenden. Bei badips.com bin ich ja schon dahintzer gekommen. Bei blocklist.de werd ich das schon auch noch hinbekommen.

ttyl
Django
Django
 
Posts: 11
Joined: 11. Jun 2014, 14:50
Location: dahoam

Re: Angriffe über die http-API reporten

Postby Martin » 22. Jun 2014, 15:15

Mfg Martin
http://www.blocklist.de/de/ Fail2Ban Reporting Service
User avatar
Martin
 
Posts: 397
Joined: 14. Sep 2010, 11:54

Re: Angriffe über die http-API reporten

Postby Django » 22. Jun 2014, 19:49

Django
 
Posts: 11
Joined: 11. Jun 2014, 14:50
Location: dahoam

Re: Angriffe über die http-API reporten

Postby Martin » 23. Jun 2014, 18:18

Mfg Martin
http://www.blocklist.de/de/ Fail2Ban Reporting Service
User avatar
Martin
 
Posts: 397
Joined: 14. Sep 2010, 11:54

Re: Angriffe über die http-API reporten

Postby LightGapNet » 28. Jun 2014, 13:14

Hi,

Wir betreiben einen Mailproxy (via NGINX) für unsere Kunden und haben im Authentication Script schon diverse Maßnahmen um IPs die Brute-Force Attacken fahren bzw. mit mehr oder weniger Random Usernamen (erfolglos) versuchen sich einzuloggen etc. auszusperren und ich möchte diese Informationen auch der Community zur Verfügung stellen und über die HTTP API Fehlversuche an Blocklist.de melden.

Das Script ist allerdings Custom und kein Fail2Ban etc. arbeitet aber ähnlich.

Jetzt ist es allerdings so dass wir zwar schon diverse Attacken gemeldet haben aber nur 2 davon auch registriert wurden.
Bei den anderen kommt von der API kein bzw. ein leerer Reply, also weder ein Error noch ein Success.
Wie kann das sein? Mach ich irgendwas falsch? Wir melden jeden EIntrag nach dem selben Muster.

Und sollte ich nur Attacken melden die unsererseits bereits blockiert wurden (zB min. 10 erfolglose Loginversuche) oder jeden einzelnen Fehlversuch. Aktuell mache ich ersteres da sonst wohl der Traffic nicht sinnvoll wär.

MFG
Günther
LightGapNet
 
Posts: 1
Joined: 22. Jun 2014, 13:47

Re: Angriffe über die http-API reporten

Postby Martin » 3. Jul 2014, 15:08

Hallo Günther,

am besten schreibst du uns an support@ einmal die IP-Adresse des Servers, welcher die Attacken an die API meldet und eine Beispiel IP, die geblockt wurde (optional).
Dann können wir die Logfiles danach prüfen und den genauen Grund feststellen (api-Meldung oder WEbserver-Meldung....).

Bei großen Log-File-Daten, empfehlen wir die Daten per POST zu senden, da sonst manchmal die Variable $_REQUEST['logs'] komischerweise leer ist.

Ansonsten wird bei einem Fehler der http-Status 400 zurück gegeben.
Wenn alles OK war, der Status 200.
Mfg Martin
http://www.blocklist.de/de/ Fail2Ban Reporting Service
User avatar
Martin
 
Posts: 397
Joined: 14. Sep 2010, 11:54


Return to Anleitungen

Who is online

Users browsing this forum: No registered users and 1 guest

  • Advertisement
cron
figurative