Discussion · bonfire.cafe

#FreeBSD15 has an updated blocklistd daemon thanks to efforts from jlduran@ with help from emaste@ & myself, imported from NetBSD https://github.com/zoulasc/blocklist

Blocklistd is an additional hook into sshd from OpenBSD, that tracks failed attempts. It now blocks on failed usernames as well.

I added a small notification to the script and get a very satisfying notification every time one of my servers bans a crawler.

I should also extend this so that it handles more than just ssh, but also links into our web crawler detection tooling.

I also want to extend this script so that getting a ban one on server gets you a block on all of them :)

GitHub

GitHub - zoulasc/blocklist: This package contains a library that can be used by network daemons to communicate with a packet filter via a daemon to enforce opening and closing ports dynamically based on policy.

This package contains a library that can be used by network daemons to communicate with a packet filter via a daemon to enforce opening and closing ports dynamically based on policy. - zoulasc/bloc...

dch :flantifa: :flan_hacker:

@dch@bsd.network replied · 6 days ago

#FreeBSD15 I block these spammers for a week atm.

blocklistd allows you to specify the number of failures before you block (I set this to zero for immediate block) and the duration before the firewall rule is cleared.

As there is also an allowlist for my trusted networks, I’m never at risk of being locked out.

As I roll out 15.0-BETA3 I am also enabling this too. At some point the notifications will be annoying but right now it’s a great deal of satisfaction, hearing them trickle in every couple of hours.

a list of notifications from servers of blocked IP ranges.

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.0-rc.3.21 no JS en

Automatic federation enabled