Block spammers/abusive IP addresses with Pf-badhost in OpenBSD. A ‘must have’ security tool! *UPDATED*

by Özgür Kazanççı · December 8th, 2020 · My OpenBSD Tutorials

Updated to: v0.5!
I’d like to introduce pf-badhost, by Jordan Geoghegan.

Pf-badhost is a very practical, robust, stable and lightweight security script for network servers.

It’s compatible with BSD-based operating systems such as {Open,Free,Net,DragonFly}BSD and macOS. It blocks potentially bad IP addresses that could attack your servers (wasting your bandwidth and filling your log files) from contacting them. This lightens the load on your server’s network and resources, and makes the logs of the important services running on your server simpler, more readable and more efficient.

But how does it do all this?


Monster IPs – Let’s jail them!

by Özgür Kazanççı · December 6th, 2020 · My OpenBSD Tutorials

I love logs. (By the way, greetings, after a very, very long time!)

I love reading log files, deeply investigating them.

I dedicate a large amount of my time to reading the log files of the servers I’ve been managing for decades. While they actually do work fine as they should, I still investigate them and check on their health – through the logs – from time to time.

And within all those log files, there are always *bad guyz* scanning the servers I manage/administrate. Brute-forcing ports, spamming and relay-checking SMTP servers, scanning entire ports, trying to hack e-mail accounts, filling SSH’s/FTP’s auth. log files, et cetera.

I usually collect and merge them into a text file, and since they usually waste disk, I/O and bandwidth, I block them with OpenBSD’s great PF.

Today, I wanted to share them in public. The IPs are here for your reference/usage. They were/are rapidly filling logs!
