About Archive Tags RSS Feed


Entries tagged ideas

Yea, just look at all the passion on that wall.

10 May 2008 21:50

There should be a website to coordinate cinema-dates.

I don't like going to the cinema alone and have, in the past, frequently missed viewing films rather than go alone.

This is a habit I'm growing out of, but I still think it is better to go with a friend or two.

In the near future I'm going to view the last Indianna Jones movie, and the Sex & The City film. I have partners for both of those.

But after that? There are a few films which I can't immediately think of who I'm going to lure away with me. I could either :

  • Go alone, regardless.
  • Randomly ask people to come

If there were a site that had list of upcoming films, and allowed you to express interest in going to see them that would be a fantastic idea. (Obviously location based).

I'd not even assume "dating", because I think in my life I've had a first-date at a cinema once. When I was about 14. Because it just doesn't work - you can't talk during, (and back then we couldn't go to the pub afterward to discuss the film. I think we did anyway ;)

For bonus points you could allow people to rate the films, or even each other. Hmm.

Somebody write it for me? I've got too much on my plate ..probably

ObQuote: Se7en



Wash your face and try again, if you survive.

3 September 2008 21:50

There are many online blacklists which are populated by volunteers. I'm looking for such a blacklist which contains records of hosts conducting portscans, ssh brute-forcing, or other similar "badness".

dshield looks good - but doesn't make the scanning IP availble - just shows the port data.

denyhosts allows you to upload/download a list of IPs trying to run ssh bruteforce attacks - but when I wrote my own RPC code to poll that list of IPs I found I couldnt' get the full list.

I'm aware that I could run denyhosts on a spare IP, then just copy the IPs it downloads but that feels icky...

I'm unaware of any existing service that I could use for my purposes.

So would there be any interest in a service listing only portscanning/ssh brute-force IPs? (Allowing DNS queries, XML-RPC, or rsync downloads of the submitted data.)

Obviously I have my own reason for wanting such a list of bad IPs... Those are probably obvious, but it does seem like it would be generally useful.

I'd be willing to host a server to process the submitted reports, and make the results available, but I guess thats the easy part. The hard part is persuading people to run my "submit IP" client. Which has to understand ssh logs, iptable logs, or something similar.. Ugh.

I guess between the machiens I work with and the machines I host myself I've got a fair number of IPs which I could collect scans from - I could populate the database myself. But this is a perfect job for distributed submission.

ObQuote: Batoru rowaiaru