For more information and to download see my code page.

After doing a bit of digging in my logs I discovered that there were roughly 300 or so unique IPs hitting me. A few Google searches later and I discovered sshblack. It’s a Perl based log monitor that watches your SSH log (/var/log/secure.log for those of you running OS X) for invalid attempts and after X number of failures in Y amount of time it adds the IP to your firewall deny list for Z number of days. The program was originally written to work with ipchains, but OS X uses IPFW2, so some minor modifications were necessary. Since I was already playing around in the files I decided I’d modify the logging sections to take advantage of the built in syslog system in OS X instead of just printing out directly to a log file.

I’ll be posting up my modifications as well as some instructions on how to get it all working on my code page in the next couple days once I’ve cleaned it up.

c0dedbad.com will primarily be a home for any coding I do, such as my Categorical Links Page plugin for Wordpress and my still-in-the-planning-stages firewall log graphing tool, to be written in perl.

I will also be posting here about IT security and information assurance, as it is one of my primary interests and my current career path.

There’s a pretty good chance that some random rambling will happen from time to time as well.

Want to know more about me and this site? Check out the about page. Don’t want to know anything about me and the site? Read it anyway. You know you don’t have anything better to do.