[17:28] <netritious> howdy folks
[17:34] <wrst> hello netritious
[17:34] <wrst> how's it going?
[17:37] <netritious> hey wrst not too shabby. starting a new project I think.
[17:38] <netritious> what have you been up to lately wrst?
[17:39] <wrst> me, not a lot just the same ol, same ol, what type of project are you starting? that is if you don't have to kill me after talking about it :)
[18:20] <netritious> haha wrst nothing top secret, and my first attempt at an "official" open source project.
[18:21] <netritious> I mentioned it in here yesterday...in a nutshell, a set of scripts that will manage ipset and iptables.
[18:22] <netritious> which I then hope to port to C or C++
[18:24] <netritious> since yesterday there are now three of us working on it, hoping to get a few more people involved with testing pre-release stuff.
[18:24] <netritious> i hope to have it up on github in the next few weeks, maybe as early as this weekend.
[18:28] <wrst> yes I saw that when I got in yesterday was away from ye ol' irc most of the day
[18:28] <netritious> ah yeah I take breaks too :D
[18:29] <netritious> the reason I got started on this was setting up a way to manage the lists from ipdeny, iblocklist, and IPs that trigger fail or error in log entries
[18:32] <netritious> it was starting to look a little like spaghetti so I stopped coding and back-tracked, created a plan as to what i wanted out of it, and now working towards it :)
[18:32] <netritious> inspired by snort and fail2ban
[18:48] <wrst> I would love to be an end user but would be horrible until that point, sounds good :)
[19:08] <netritious> honestly the end goal is a package for people that want to use it.
[19:10] <netritious> it seems ipset is not installed by default on any distro I've looked at so far and a package is a good way to deal with dependencies
[19:15] <netritious> I have other plans as well. after a package I plan to start working on a "miserable" module
[19:15] <netritious> the idea is to make access sporadic, slow, and unreliable as to make an attacker's experience targeting my server miserable.
[19:16] <netritious> inspired by a really old apache module named the same.
[19:16] <netritious> anyway, blah blah blah lol
[19:43] <wrst> ha ha sounds fun :)
[19:43] <wrst> if you know what you are doing
[19:53] <netritious> it's a fairly simple ordeal. set up rules in iptables with various rate limits for a series of matching ipset tables. (these tables contain IP addresses.) ...
[19:54] <netritious> using cron, schedule IPs to be moved from one set to another.
[19:55] <netritious> just keep rotating them between one rate limit to another. Some of the rate limits might give you a taste of what's there, while the others might limit an IP to one connection in an hour.
[19:56] <netritious> so the attacker is left scratching their head wondering if the server is worth the trouble since it's so (seemingly) unreliable.
[19:57] <netritious> here's a link describing mod_miserable for apache http://linuxbox.co.uk/mod_miserable.php

