Spamsnapper.to
Snapping up hackers one IP address or a whole network at a time

We only list IP addresses
 

Links to selected country's coming soon.

Thank you TCPDUMP

These list are networks attempting to hack into servers like SSH, port 8080, port 5500 and telnet etc...

We are adding another list for networks that scammer web sites reside in and nations that seem to allow hacking

When you connect with a user name (mostly root) and password there is no doubt you are trying to break into a server

These list are in text format and can be used in a "table" in PF type fire walls of cut and paste into you firewall

Example for PF:

Add to the "tables" section of your pf.conf file:      table <hackerip> persist file "/etc/ssh-violations"

                     

      Add to the rules section of your pf.conf file:       block in quick on $ext_if from <hackerip> to any port 22 #(the standard ssh port)

Just remove the "port 22" and this will block all traffic from the list.

You can automate the downloading and updating your firewall using wget

Example for PF:

Add something like this to cron tab file: 

10    *    *    *    *    /usr/local/bin/wget -P /etc/  http://spamsnapper.to/ssh-violations | /sbin/pfctl -f pf.conf

You may need to tweak this example to fit your server.

However this list is used, it is at your own risk and is intended as as educational tool showing how many "hackers" are out there

 

You would be surprised who owns the networks that have allowed hackers. You probably do business with them!

 

If you are an ISP and see your IP on the list, then your customers are abusing the internet and you could be liable for their actions.

To request a removal, a request must come from the offical "abuse" e-mail address of the ISP.

 

spamsnapper{("at")}spamsnapper.to

note: remove the {("at")} and replace it with the @ symbol