|
|
@@ -58,6 +58,27 @@ def unblocker(ip):
|
|
|
# except JSONDecodeError:
|
|
|
# log.error("Failed to decode line, '{0}'".format(line))
|
|
|
|
|
|
+def numeric_check(name):
|
|
|
+ """ Attempt's to convert name into a integer or rather float
|
|
|
+ If it succeeds then either we have a really dumb user or
|
|
|
+ we have a hacker.
|
|
|
+ """
|
|
|
+ try:
|
|
|
+ name = float(name)
|
|
|
+ return True
|
|
|
+ except TypeError:
|
|
|
+ return False
|
|
|
+
|
|
|
+def contains_bad(name):
|
|
|
+ """ Checks each of the bad names to see if the bad name is in the
|
|
|
+ name given.
|
|
|
+ I.E. root123 would trigger because root is in the name.
|
|
|
+ """
|
|
|
+ for b in myConfig["bad_users"]:
|
|
|
+ if b in name:
|
|
|
+ return True
|
|
|
+ return False
|
|
|
+
|
|
|
struct = {}
|
|
|
state = 0
|
|
|
def is_bad(line):
|
|
|
@@ -96,7 +117,8 @@ class EventHandler(ProcessEvent):
|
|
|
if(luser):
|
|
|
if luser["ip"] in myConfig["whitelist"]:
|
|
|
return # Don't block ourselves
|
|
|
- if luser["user"] in myConfig["bad_users"]:
|
|
|
+ if luser["user"] in myConfig["bad_users"] or numeric_check(luser["user"]) or contains_bad(luser["user"]):
|
|
|
+ # The user either is directly in the bad users list, either all numbers or contains a bad username.
|
|
|
blocker(luser["ip"])
|
|
|
now = pendulum.now().to_atom_string()
|
|
|
log.info("Blocked {0} at {1}".format(luser["ip"], now))
|
|
|
@@ -117,7 +139,8 @@ class EventHandler(ProcessEvent):
|
|
|
if(luser):
|
|
|
if luser["ip"] in myConfig["whitelist"]:
|
|
|
return # Don't block ourselves
|
|
|
- if luser["user"] in myConfig["bad_users"]:
|
|
|
+ if luser["user"] in myConfig["bad_users"] or numeric_check(luser["user"]) or contains_bad(luser["user"]):
|
|
|
+ # The user either is directly in the bad users list, either all numbers or contains a bad username.
|
|
|
blocker(luser["ip"])
|
|
|
now = pendulum.now().to_atom_string()
|
|
|
log.info("Blocked {0} at {1}".format(luser["ip"], now))
|
