Spamsnapper.to
Snapping up hackers one IP address or a whole network at a time
We only list IP addresses
Links to selected country's
coming soon.
Thank you TCPDUMP
These list are networks
attempting to hack into servers like SSH, port 8080, port 5500 and telnet
etc...
We are adding another list for
networks that scammer web sites reside in and nations that seem to allow
hacking
When you connect with a user
name (mostly root) and password there is no doubt you are trying to break
into a server
These list are in text format
and can be used in a "table" in PF type fire walls of cut and paste into
you firewall
Example for PF:
Add to the "tables" section of
your pf.conf file: table <hackerip>
persist file "/etc/ssh-violations"
Add to the rules section of your pf.conf file: block
in quick on $ext_if from <hackerip> to any port 22 #(the standard
ssh port)
Just remove the "port 22" and
this will block all traffic from the list.
You can automate the downloading
and updating your firewall using wget
Example for PF:
Add something like this to cron
tab file:
10
* * *
* /usr/local/bin/wget -P /etc/
http://spamsnapper.to/ssh-violations | /sbin/pfctl -f pf.conf
You may need to tweak this
example to fit your server.
However this list is used, it is
at your own risk and is intended as as educational tool showing how many
"hackers" are out there
You would be surprised who owns
the networks that have allowed hackers. You probably do business with
them!
If you are an ISP and see your
IP on the list, then your customers are abusing the internet and you could
be liable for their actions.
To request a removal, a
request must come from the offical "abuse" e-mail address of the ISP.
spamsnapper{("at")}spamsnapper.to
note: remove the {("at")} and
replace it with the @ symbol