Category Archives: Security

My deny list of IP addresses

security
Image by GotCredit licensed under Creative Commons Attribution 2.0 Generic Licence

I monitor few websites for friends and had to configure security modules in order to prevent brute force attacks and breaches in the admin interface of the website. For CMS like WordPress and Drupal there are some good security modules like iThemesSecurity, Security Review and Login Security. These modules improve the security of a website by limiting the number of failed login attempts and blocking the suspicious IP address.

Over time I collected a list of  denied IP addresses which  I share here. One thing I learnt is that attacks can come from anywhere. I believe that some of these IP addresses belong to a botnet of compromised computers as I could trace their coordinates to some very well-known locations in the world and their origin from some major cloud providers.

Here below is an example of denied IP addresses with geolocation data. The full list is in this CSV file. The data is courtesy of MaxMind and ip-api. The list was last updated on 17th May 2020.

IP Address Country Code Location Postal Code Coordinates ISP Domain
46.20.12.30 TR Bursa,
Bursa,
Turkey,
Asia
16245 40.2719,
29.0983
Dgn Teknoloji Bilisim Yayincilik Sanayi Ve Limited ttnetdc.com
203.130.196.150 ID Jakarta,
Daerah Khusus Ibukota Jakarta,
Indonesia,
Asia
  -6.1744,
106.8294
Pt Telekomunikasi Indonesia  
109.195.228.208 RU Rostov-on-Don,
Rostov,
Russia,
Europe
344000 47.2364,
39.7139
JSC ER-Telecom Holding ertelecom.ru
66.91.141.42 US Honolulu,
Hawaii,
United States,
North America
96805 21.3069,
-157.8583
Time Warner Cable rr.com
185.53.78.144 UA Ukraine,
Europe
  50.45,
30.5233
LLC Gigatel rv.ua
91.200.12.11 UA Ukraine,
Europe
  50.45,
30.5233
PP SKS-Lugan  
37.59.56.6 FR France,
Europe
  48.86,
2.35
OVH SAS ovh.net
37.252.102.136 ES Basque Country,
Spain,
Europe
  43.2609,
-2.9388
Xtudio Networks S.l.u  
207.244.68.152 US Manassas,
Virginia,
United States,
North America
20109 38.7932,
-77.5366
Leaseweb USA  
67.43.10.129 US Lansing,
Michigan,
United States,
North America
48917 42.7257,
-84.636
Liquid Web  
193.201.224.40 UA Serhiyi,
Chernivtsi,
Ukraine,
Europe
  47.9752,
25.1286
PE Tetyana Mysyk  
86.123.247.64 RO Lugoj,
Judetul Timis,
Romania,
Europe
305500 45.6886,
21.9031
RCS & RDS  
174.136.57.228 US St Louis,
Missouri,
United States,
North America
63131 38.6143,
-90.4444
Colo4, LLC  
95.140.36.2 HU Budapest,
Budapest fovaros,
Hungary,
Europe
1012 47.5,
19.0833
Szervernet szervernet.hu
217.9.126.231 DE Germany,
Europe
  51,
9
Versatel Deutschland  
162.144.66.10 US Provo,
Utah,
United States,
North America
84606 40.2181,
-111.6133
Unified Layer unifiedlayer.com
52.90.51.76 US Ashburn,
Virginia,
United States,
North America
20147 39.0335,
-77.4838
Amazon Technologies  
88.120.254.31 RU Russia,
Europe
  55.75,
37.6166
JSC ISPsystem  
166.63.124.122 US Columbus,
Ohio,
United States,
North America
43228 39.9649,
-83.1383
Ecommerce Corporation cloudix.com
71.43.100.242 US Orlando,
Florida,
United States,
North America
32810 28.6185,
-81.4336
Time Warner Cable rr.com
213.163.66.101 NL Netherlands,
Europe
  52.3667,
4.9
i3d B.V. i3d.net
82.76.87.154 RO Lugoj,
Judetul Timis,
Romania,
Europe
305500 45.6886,
21.9031
RCS & RDS rdsnet.ro
80.13.94.242 FR France,
Europe
  48.86,
2.35
Orange wanadoo.fr
149.255.37.187 NL Netherlands,
Europe
  52.3667,
4.9
Swiftway Sp. z o.o. swiftway.net
173.254.61.236 US Provo,
Utah,
United States,
North America
84606 40.2181,
-111.6133
Unified Layer unifiedlayer.com
72.55.186.26 CA Montreal,
Quebec,
Canada,
North America
H3G 45.4987,
-73.5793
iWeb Technologies panelboxmanager.com
192.185.82.205 US Houston,
Texas,
United States,
North America
77092 29.8301,
-95.4739
Websitewelcome.com websitewelcome.com
194.28.172.219 UA Ukraine,
Europe
  50.45,
30.5233
ON-LINE besthosting.ua
62.219.197.147 IL Nazareth,
Northern District,
Israel,
Asia
  32.7036,
35.2956
Bezeq International bezeqint.net
6.20.160.53 FR Gueret,
Creuse,
Limousin,
France,
Europe
23000 46.2667,
1.8667
Adista SAS  
198.57.247.139 US Provo,
Utah,
United States,
North America
84606 40.2181,
-111.6133
Unified Layer unifiedlayer.com
74.220.207.109 US Provo,
Utah,
United States,
North America
84606 40.2181,
-111.6133
Unified Layer hostmonster.com
46.216.4.146 BY Minsk,
Minsk,
Belarus,
Europe
  53.9,
27.5667
Mobile TeleSystems JLLC  
184.68.101.154 CA Calgary,
Alberta,
Canada,
North America
T3R 51.2021,
-114.2453
Shaw Communications  
103.30.12.10 IN India,
Asia
  20,
77
Surendra Informatics  
79.116.28.250 RO Lugoj,
Judetul Timis,
Romania,
Europe
305500 45.6886,
21.9031
RCS & RDS rdsnet.ro
188.65.115.90 GB United Kingdom,
Europe
  51.5,
-0.13
UK Webhosting  
92.85.171.200 RO Timişoara,
Judetul Timis,
Romania,
Europe
  45.7494,
21.2272
Telekom Romania Communication S.A  
148.251.0.166 DE Germany,
Europe
  51,
9
Hetzner Online GmbH r-99.com
23.101.213.136 AU Sydney,
New South Wales,
Australia,
Oceania
1001 -33.8678,
151.2073
Microsoft Corporation, Microsoft Azure  
5.101.138.91 GB Rugby,
Warwickshire,
England,
United Kingdom,
Europe
CV21 52.3913,
-1.2866
UK Dedicated Servers Limited ukservers.com
61.25.200.204 JP Japan,
Asia
  35.69,
139.69
@Home Network Japan home.ne.jp
71.165.35.215 US Baldwin Park,
California,
United States,
North America
91706 34.0964,
-117.9668
Verizon Internet Services verizon.net
87.106.129.221 DE Germany,
Europe
  51,
9
1&1 Internet AG  
193.111.140.181 DE Dusseldorf,
North Rhine-Westphalia,
Germany,
Europe
40472 51.2686,
6.81
myLoc managed IT AG fastwebserver.de
193.111.140.181 DE Dusseldorf,
North Rhine-Westphalia,
Germany,
Europe
40472 51.2686,
6.81
myLoc managed IT AG fastwebserver.de
24.38.19.220 US Denville,
New Jersey,
United States,
North America
7834 40.8841,
-74.4863
Optimum Online, Denville Township School lightpath.net
64.235.39.67 US Las Vegas,
Nevada,
United States,
North America
89141 35.9781,
-115.2117
Las Vegas NV Datacenter lasvegas-nv-datacenter.com
175.137.252.141 MY Kuala Lumpur,
Kuala Lumpur,
Malaysia,
Asia
52200 3.1553,
101.6668
Telekom Malaysia TM Net

How to install and update KeePass

KeePass
Image Loki 66 – GPL

KeePass is one of my favourite software. It is a password manager which allows to store secure passwords and forget about them. All you need to do is to remember one single (strong) password to open the software and that’s it. Considering the amount of passwords one has to remember these days, there is a bad tendency to use weak memorable passwords – or even worse always the same password! KeePass is good choice since it is cross-platform, uses strong encryption algorithms, and can store data offline.

I’m currently using KeePass2 (update: I now use KeePassX) However, I noticed that if you install KeePass via the Ubuntu Software Center you won’t necessarily install the latest version and you won’t get the latest updates automatically. So here is the procedure to overcome this problem.

First, add the KeePass repository. For example, in Ubuntu:

sudo add-apt-repository "deb http://ppa.launchpad.net/jtaylor/keepass/ubuntu precise main"

where precise is the codename of the Ubuntu version (here 12.04 Precise Pangolin). If you don’t know the codename of the Linux version find it out with:

lsb_release -a

Then update the repository directory and install KeePass2:

sudo apt-get update
sudo apt-get install keepass2

Finally, open KeePass, click on on Help -> Check for updates and KeePass2 will update to the latest stable version. From now on, Ubuntu will update it automatically.

Update: I’m now using KeePassX which is a native port of KeePass for Linux and Mac OS.