Guests I Blocked In September 2019

My Wekan board serves me in two ways. The first one, quite obviously, is to organize my tasks. The second one is to be a honeypot. Looking at logs, I can spot techniques people use to attack web apps. Pretty interesting readings. Here are some of IPs I blocked recently.

IP: 172.104.242.173Location of Linode's (Linode, LLC) server in Philadelphia.

IP: 88.225.229.42Somebody from Antalya, Turkey (TurkTelekom).

IP: 71.166.242.111Say 'Hi!' to curious people in Centreville, Virginia, USA.

IP: 104.248.194.110Zgrab scanner hosted in one of Digital Ocean's box in Amsterdam.

IP: 89.248.174.216The company (hosting?) registered on Seychelles, but the server is in Amsterdam.

IP: 168.181.121.22Honduras. Really?

IP: 221.147.59.226Somebody from South Korea wants to know my plans.

IP: 128.14.209.178A software hosted in one of Zenlayer's (Zenlayer Inc) spoofs user agent. Vernon, California, USA.

IP: 95.6.22.50Again Turkey, but this time Istanbul (TurkTelekom).

IP: 170.254.74.49Request from the middle of nowhere, Minacu, Goias, Brazil.

IP: 175.107.23.156Guest from Chichawatni, Punjab, Pakistan.

IP: 103.58.249.22Request from Jodhpur, Rajasthan, India looks very similar to requests from Pakistan and Brazil. Proxies?

IP: 104.42.137.111One of Microsoft Azure server in California, USA hosts zgrab tool. I do not expect any requests from other cloud providers, so I blocked whole range of IPs.

IP: 183.129.160.229China is calling.

IP: 201.76.120.212Montenegro, Rio Grande Do Sul, Brazil.

IP: 139.162.119.197Tokyo, Japan. The geography of unwanted guests is the whole Globe.

Sep 30, 2019. Berlin

The Half-life of Software

The Hourglass Model

Side Income Ideas for Software Developers

Migration of Wekan from local to AWS