rcctl-stat: a tiny script to show the state of all services in one-go


by Özgür Kazanççı · December 28th, 2020 · My OpenBSD Tutorials

rcctl-stat is a tiny, cute script by Dante Catalfamo, bringing OpenBSD users the ability to show the state(s) of all services, in one-go. I prefer the coloured version.

root@~ > wget -O rcctl-stat.sh https://raw.githubusercontent.com/dantecatalfamo/rcctl-stat/color/rcctl-stat

root@~ > chmod +x rcctl-stat.sh
root@~ > ./rcctl-stat.sh

Continue reading rcctl-stat: a tiny script to show the state of all services in one-go

Block spammers/abusive IP addresses with Pf-badhost in OpenBSD. A ‘must have’ security tool! *UPDATED*


by Özgür Kazanççı · December 8th, 2020 · My OpenBSD Tutorials

Updated to: v0.5!
I’d like to introduce pf-badhost, by Jordan Geoghegan.

Pf-badhost is a very practical, robust, stable and lightweight security script for network servers.

It’s compatible with BSD based operating systems such as {Open,Free,Net,Dragonfly}BSD and MacOS. It prevents potentially-bad IP addresses that could possibly attack your servers (and waste your bandwidth and fill your logfiles), by blocking all those IPs contacting your server, and therefore it makes your server network/resources lighter and the logs of important services running on your server become simpler, more readable and efficient.

But how does it do all this?

Continue reading Block spammers/abusive IP addresses with Pf-badhost in OpenBSD. A ‘must have’ security tool! *UPDATED*

Monster IPs – Let’s jail them!


by Özgür Kazanççı · December 6th, 2020 · My OpenBSD Tutorials

I love logs. (By the way, greetings, after very-very long time!)

I love reading log files, deeply investigating them.

I dedicate a large amount of my time to reading log files of the servers I’ve been managing since decades. While they actually do work fine as they should, I still investigate them and check for their health – through the logs – from time to time.

And within all those log files, there’re always *bad guyz* scanning the servers I manage/administrate. Brute-forcing ports, spamming&relay-checking SMTP servers, scanning entire ports, trying to hack e-mail accounts, filling SSH’s/FTP’s auth. log files, et cetera.

I usually collect&merge them into a text file and while they usually waste disk, I/O and bandwidth, I block them by OpenBSD’s great PF.

Today, I wanted to share them in public. The IPs are here for your reference/usage. They were/are rapidly filling logs!

Continue reading Monster IPs – Let’s jail them!

Configuring MariaDB/MySQL server to only use UNIX socket – OpenBSD 6.4


by Özgür Kazanççı · November 25th, 2018 · My OpenBSD Tutorials

Hello there.

Today, I’m going to explain configuring MariaDB/MySQL server to only use UNIX socket – ignoring the TCP networking. This will prevent MariaDB/MySQL from using any TCP/IP communication, setting only Unix socket locally&connecting through it, and that brings better security and much better connection performance.

Unix sockets are faux-files, so they’re accessible ONLY from/within the local server.
Continue reading Configuring MariaDB/MySQL server to only use UNIX socket – OpenBSD 6.4