Going to cross post this to the list (I know some of us criss-cross lists). Reasoning, a lot of IP PBXs have web based interfaces, and some need to be on the public Internet. --- Cobbled together a script to scrape my logs, parse out web based attackers (SQLi, XSS, CSRF, etc) and compile said list for blacklisting. Script is pulling from 6 different web servers for now. I may add more later depending on whether or not I see a lot of usage. http://www.infiltrated.net/webattackers.txt -- =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT, RWSP, GREM "Where ignorance is our master, there is no possibility of real peace" - Dalai Lama 42B0 5A53 6505 6638 44BB 3943 2BF7 D83F 210A 95AF http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x2BF7D83F210A95AF