This is the beginning of a four-part series where I talk about a goal that I see right now, based around a series of events that just happened to fall in line, one after another.
For those of you who are unaware, I’ve recently transitioned out of the military and into the private sector. No, not working for a contracting company that still generates most of its revenue from the Government: full-blown civilian life path, and I’ve never been happier! It all started when I was on the prowl for a sweet job, and a friend of mine, Chris, hit me up on LinkedIn. We had worked together for a couple years on active duty, but he said “Come work with me!”. I said let’s do it.
Not long after starting, I learned about his website, and saw the little badge at the bottom that he was a contributor to AbuseIPDB – a website that I’ve used for IP-based threat reporting in the past. It turns out that he has been running a honeypot and curating that list of attackers into a feed. Not only that, but he had the AUDACITY to post it to his GitHub! What better way to bond with a friend than to flex on them a little and rewrite their code?! I wasn’t really in a place to get started just yet, because of life and things.
Well, a few months went by and we had the need to set up some open source software that I wanted to try out before pushing forward with it. So I went out, found a nice and reasonably priced VPS, and began setting it up. As soon as it was flipped on though, it was getting hammered with SSH brute forcing, port scans, and all sorts of nastiness. This is why we can’t have nice things, people! That’s when I remembered Chris’ setup: OpenCanary, and a custom script to parse those logs to fire into AbuseIPDB.
And this is where the journey begins…