Identify traffic sources in bulk

Say you have a list of IP addresses from a log file of hackers/losers/DDoSers.

Step 1, install geoiplookup

sudo apt-get install geoip-bin

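Step 2, look up every IP in the file (named "list" here, one address per line) and filter out your home country

while read -r ip ; do printf '%s ' "$ip" ; geoiplookup "$ip" ; done < list | grep -v "South Africa"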


This prints each IP next to the country GeoIP reports for it and drops the IPs from your home country, in this case South Africa.

Once you decide which countries are likely to be hackers (hello, former Soviet bloc!), you block their IPs.
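
To help decide which countries matter, the same lookup can be turned into a per-country count of unique IPs. This is an added example, not part of the original post; the function names country_of and tally_countries are made up here, and it assumes one IP per line and geoiplookup's usual "GeoIP Country Edition: CC, Name" output.

```shell
#!/usr/bin/env bash
# Added example: count unique source IPs per GeoIP country, skipping a home country.
# Assumed geoiplookup output format:
#   GeoIP Country Edition: ZA, South Africa
#   GeoIP Country Edition: IP Address not found

# country_of IP -> prints "CC, Country Name", or "unknown" if there is no match
country_of() {
    local out
    # Keep only the country line; other database editions may print extra lines.
    out=$(geoiplookup "$1" 2>/dev/null | grep -m1 '^GeoIP Country Edition:' || true)
    out=${out#GeoIP Country Edition: }
    case "$out" in
        ''|'IP Address not found') echo "unknown" ;;
        *) echo "$out" ;;
    esac
}

# tally_countries FILE [HOME_COUNTRY]
# Reads one IP per line, ignores blank lines and duplicate IPs, and prints
# "count<TAB>country" with the busiest country first, omitting HOME_COUNTRY.
tally_countries() {
    local file="$1" home="${2:-South Africa}" ip
    sort -u "$file" | while IFS= read -r ip; do
        [ -n "$ip" ] || continue
        country_of "$ip"
    done | grep -v -F -- "$home" | sort | uniq -c | sort -rn |
        awk '{ n = $1; $1 = ""; sub(/^ /, ""); printf "%d\t%s\n", n, $0 }'
}

# Usage: tally_countries list "South Africa"
```

The country is only where the address is registered in the GeoIP database, so traffic relayed through a VPN or hosting provider is counted under the relay's country.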

