[13:27] I'm not biased [13:27] * cyberanger installs Debian over windows cause the box said windows 10 or better [17:28] howdy folks [17:34] hello netritious [17:34] how's it going? [17:37] hey wrst not to shabby. starting a new project I think. [17:38] what have you been up to lately wrst? [17:39] me, not a lot just the same ol, same ol, what type of project are you starting? that is if you don't have to kill me after talking about it :) [18:20] haha wrst nothing top secret, and my first attempt at an "official" open source project. [18:21] I mentioned it in here yesterday...in a nutshell, a set of scripts that will manage ipset and iptables. [18:22] which I then hope to port to C or C++ [18:24] since yesterday there are now three of us working on it, hoping to get a few more people involved with testing pre- release stuff. [18:24] i hope to have it up on github in the next few weeks, maybe as early as this weekend. [18:27] cool [18:28] yes I saw that when I got in yesterday was away from ye ol' irc most of the day [18:28] ah yeah I take breaks too :D [18:29] the reason I got started on this was setting up a way to manage the lists form ipdeny, iblocklist, and IP's that trigger fail or error in log entries [18:32] it was starting to look a little like spaghetti so I stopped coding and back-tracked, created a plan as to what i wanted out of it, and now working towards it :) [18:32] inspired by snort and fail2ban [18:48] I would love to be an end user but would horrible until that point, sounds good :) [19:08] honestly the end goal is a package for people that want to use it. [19:10] it seems ipset is not installed by default on any distro I've looked at so far and a package is a good way to deal with dependencies [19:15] I have other plans as well. after a package I plan to start working on a "miserable" module [19:15] the idea is to make access sporadic, slow, and unreliable as to make an attacker's experience targeting my server miserable. [19:16] inspired by a really old apache module named the same. [19:16] anyway, blah blah blah lol [19:43] ha ha sounds fun :) [19:43] if you know what you are doing [19:53] it's a fairly simple ordeal. setup rules in iptables with various rate limits for a series of matching ipset tables. (these tables contain IP addresses.) ... [19:54] using cron, schedule IP's to be moved from one set to another. [19:55] just keep rotating them between one rate limit to another. Some of the rate limits might give you a taste of what's there, while the others might limit an IP to one connection in an hour. [19:56] so the attacker is left scratching their head wondering if the server is worth the trouble since it's so (seemingly) unreliable. [19:57] here's a link describing mod_miserable for apache http://linuxbox.co.uk/mod_miserable.php