Thwarting Spammers

Charly's Column – grepcidr

Article from Issue 216/2018
Author(s):

Often it is the very simple tools that, when used appropriately, lead to the greatest success. This time, sys admin columnist Charly employs an IP address filter to count the devices in his home and trip up spammers to boot.

Although Linux has many grep variants, you can always find a new one. I only discovered grepcidr [1] a few months ago. As the name suggests, the tool filters input by IP addresses and networks. It works equally well with IPv4 and IPv6. To show grepcidr's capabilities, I will use it to compile a list of all IPv4 addresses on my home network. I got this from the Syslog on the firewall, which is also the DHCP server:

cd /var/log
grepcidr 10.0.0.0/24 syslog|grep DHCPACK|tail -n 1500|cut -f9 -d" "|sort|uniq > 1stlist

The 1stlist file now contains 46 IP addresses:

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • The sys admin's daily grind: urlwatch

    Experienced system administrators attach great importance to always being up to date when it comes to information technology. Urlwatch is a command-line tool that presents the latest news from websites that do not offer RSS feeds by email.

    more »
  • Charly's Column

    If protocols were human beings, NNTP would be a kind and slightly confused person that always believes the best of other people – even if they drop trash in the mailbox. Postfilter gives NNTP a watchdog.

    more »
  • Charly's Column

    Using SQL to sift syslog data out of a database is an admittedly universal, but also fairly convoluted approach. phpLogCon, with its web interface, gives admins an easier option.

    more »
  • Charly's Column

    The Postfix Policyd plugin fights spam using techniques such as greylisting, source detection, volume measurements, blacklisting, and HELO rotation detection.

    more »
  • Charly's Column

    Leafnode is a Usenet server for small sites where just a few users need access to a large number of groups. The Leafnode server is designed to recover from errors autonomously and needs very little attention.

    more »
comments powered by Disqus