TLDR
With a bit of Linux command line kung fu, some Golang, and Google sheets, I was able to get a pretty good idea of where the attacks are coming from. I'm using CentOS to host my site, so I checked out /var/log/secure. This log is where authentication logs are stored on my server. I wanted to extract the IP address of attackers from this file. It will do this for all of the messages I have in my "badstrings" list. It then dumps the IP into a temp.txt file.via the TL;DR App
no story
Written by jeremymorgan | Tech blogger, author, overall geek. Love tech and love writing about it.