Apologies for cross posting but some of us aren't on the other list (vice/versa) and thought both groups would benefit. For those familiar with the VoIP Abuse Project, no need to explain the gist of this. I got tired of parsing through the alerts (lists) I receive via email daily. They're long and sometimes I don't have the time to post them all. So for now, posting VoIP Abuse addresses straight to Twitter. So, anyone trying to compromise a pbx, is now autoposted on an hourly basis to Twitter. Still working on pulling, have about 4 machines linked up now, will mop em up during the week. http://twitter.com/#!/voipabuse Now, you can concoct a quick script off of it, e.g.: links -dump "http://twitter.com/voipabuse"|awk '/attacker/{print "iptables -A INPUT -s "$2" -j DROP"| "sort -u"}' Will get a quickie soon from my Acme's, nCites, etc. when I have time. For those NOT familiar with it, please Google it as I don't feel like typing anymore ;) (sorry) -- =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ J. Oquendo SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT, RWSP, GREM "It takes 20 years to build a reputation and five minutes to ruin it. If you think about that, you'll do things differently." - Warren Buffett 42B0 5A53 6505 6638 44BB 3943 2BF7 D83F 210A 95AF http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x2BF7D83F210A95AF