Этот лист создан на основе логов сервера Asterisk для избавления от запросов типа:
[Feb 7 04:03:49] VERBOSE[3204] asterisk.c: -- Remote UNIX connection
[Feb 7 04:03:49] VERBOSE[23940] asterisk.c: -- Remote UNIX connection disconnected
type=USER_AUTH msg=audit(1360052901.064:172607): user pid=21957 uid=0 auid=4294967295 msg='PAM: authentication acct="?" : exe="/usr/sbin/sshd" (hostname=monitor.smartfonsib.ru, addr=194.190.80.117, terminal=ssh res=failed)'
type=USER_LOGIN msg=audit(1360052901.064:172608): user pid=21957 uid=0 auid=4294967295 msg='acct="nagiosuser": exe="/usr/sbin/sshd" (hostname=?, addr=194.190.80.117, terminal=sshd res=failed)'
type=CRYPTO_SESSION msg=audit(1360052901.269:172609): user pid=21961 uid=0 auid=4294967295 msg='op=start direction=from-client cipher=aes128-cbc ksize=128 rport=60475 laddr=XX.XX.XX.XX lport=22 id=4294967295 exe="/usr/sbin/sshd" (hostname=?, addr=194.190.80.117, terminal=? res=success)'
type=CRYPTO_SESSION msg=audit(1360052901.269:172610): user pid=21961 uid=0 auid=4294967295 msg='op=start direction=from-server cipher=aes128-cbc ksize=128 rport=60475 laddr=XX.XX.XX.XX lport=22 id=4294967295 exe="/usr/sbin/sshd" (hostname=?, addr=194.190.80.117, terminal=? res=success)'
Feb 3 09:51:05 sip sshd[631]: Received disconnect from 50.57.172.240: 11: Bye Bye
Feb 3 09:51:06 sip sshd[632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50-57-172-240.static.cloud-ips.com user=root
Feb 5 12:27:54 sip sshd[21917]: Invalid user spamd from 194.190.80.117
Feb 5 12:27:54 sip sshd[21918]: input_userauth_request: invalid user spamd
Feb 5 12:27:54 sip sshd[21917]: pam_unix(sshd:auth): check pass; user unknown
Feb 5 12:27:54 sip sshd[21917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=monitor.smartfonsib.ru
Feb 5 12:27:54 sip sshd[21917]: pam_succeed_if(sshd:auth): error retrieving information about user spamd
Feb 5 12:27:56 sip sshd[21917]: Failed password for invalid user spamd from 194.190.80.117 port 57693 ssh2
Feb 5 12:27:56 sip sshd[21918]: Received disconnect from 194.190.80.117: 11: Bye Bye
193.200.32.11 - - [03/Feb/2013:14:15:11 +0400] "GET / HTTP/1.0" 200 3040
198.20.69.98 - - [05/Feb/2013:05:42:05 +0400] "GET / HTTP/1.1" 200 3040
91.147.161.40 - - [06/Feb/2013:02:06:54 +0400] "GET /vtigercrm/graph.php?current_language=../../../../../../../..//etc/elastix.conf%00&module=Accounts&action HTTP/1.1" 404 295
[Thu Feb 07 15:17:05 2013] [error] [client 70.35.138.138] PHP Notice: Undefined index: file in /var/www/html/vtigercrm/include/utils/utils.php on line 1012
[Thu Feb 07 15:17:05 2013] [error] [client 70.35.138.138] PHP Notice: Undefined index: search in /var/www/html/vtigercrm/include/utils/utils.php on line 1008
DROP LIST
50.57.172.0/24
121.8.153.0/24
62.201.220.0/24
123.30.191.0/24
151.0.8.0/24
77.73.100.0/24
205.234.134.0/24
193.200.32.0/24
91.147.161.0/24
194.190.80.0/24
198.20.69.0/24
166.78.4.0/24
61.142.106.0/24
58.215.36.0/24
94.102.74.0/24
180.186.74.0/24
221.143.46.0/24
198.72.106.0/24
64.185.229.0/24
94.140.231.0/24
66.240.177.0/24
50.59.209.0/24
217.65.209.0/24