Automatic abuse reports

Daniël W. Crompton daniel.crompton at
Wed Nov 13 00:15:13 UTC 2013

On 12 November 2013 22:52, Sam Moats <sam at> wrote:

> We used to use a small perl script called tattle that would parse out the
> /var/log/secure on our *nix boxes, isolate the inbound ssh exploits, lookup
> the proper abuse contacts and report them. I haven't seen anything similar
> in years but it would be interesting to do more than null route IPs.

We also used to have a script which did something similar but for more than
just inbound ssh, for the most part this was ineffective.


blaze your trail

Daniël W. Crompton <daniel.crompton at>




More information about the NANOG mailing list