What really confuses me about the net neutrality issue is when telco execs say things like this.

“Now what they would like to do is use my pipes free, but I ain’t going to let them do that because we have spent this capital and we have to have a return on it. So there’s going to have to be some mechanism for these people who use these pipes to pay for the portion they’re using. Why should they be allowed to use my pipes?

The Internet can’t be free in that sense, because we and the cable companies have made an investment and for a Google or Yahoo! (YHOO ) or Vonage or anybody to expect to use these pipes [for] free is nuts!”

I wrote a quick script to analyze the logs generated by SBLD. You can pull them out of syslog, or (as I'm doing), have your log checker aggregate SBLD events for you. I'm making the statistics for my site available here, as a resource for others.

If you run a server with SSHD exposed to the internet, chances are that server is being scanned for common username and password combinations. These often appear in the authorization log (/var/log/auth.log) as entries like:

Jun 12 13:33:57 localhost sshd[18900]: Illegal user admin from 219.254.25.100<br /> Jun 12 13:37:17 localhost sshd[18904]: Illegal user admin from 219.254.25.100<br /> Jun 12 13:37:20 localhost sshd[18906]: Illegal user test from 219.254.25.100<br /> Jun 12 13:37:22 localhost sshd[18908]: Illegal user guest from 219.254.25.100<br />

Extend that for several hundred lines, and you’ll have an idea of what one scan looks like.

Copyright © 2017 Kyle Kingsbury.
Non-commercial re-use with attribution encouraged; all other rights reserved.
Comments are the property of respective posters.