400 000 reports on AbuseIPDB

Avatar of Slayer

Slayer

Nov 21, 2022

Photo by <a href="https://unsplash.com/@jakewalker?utm_source=ghost&utm_medium=referral&utm_campaign=api-credit">Jake Walker</a> / <a href="https://unsplash.com/?utm_source=ghost&utm_medium=referral&utm_campaign=api-credit">Unsplash</a>
Photo by Jake Walker / Unsplash

We did it guys, we have reported over 400 000 IP's on AbuseIPDB. Our servers monitor some port traffic and reports it to AbuseIPDB using our own tool, ListenSSH. You can Drivet's AbuseIPDB profile here: abuseipdb.com

While the tool is called ListenSSH, it supports listening to multiple ports, unless they are in use. Good examples are 5432, 3306 if you use PostgreSQL or MySQL, these ports should never be open to the internet, even if it has strong passphrase.

ListenSSH supports caching, so if the IP does burst requests to your server's ports, it will only report one request attempt to AbuseIPDB in order to prevent ratelimits/api usage limit. The IP's are cached for 15 minutes. More features here.

We report ~2900 IP addresses daily from 3 different servers

© 2019-2022 Drivet Development. All rights reserved

TwitterMatrix