Stefano Marinelli
boosted
FreeBSD 15.0-RC1 is available.
FreeBSD 15.0-RC1 is available.
Stefano Marinelli
boosted
#FreeBSD15 I block these spammers for a week atm.
blocklistd allows you to specify the number of failures before you block (I set this to zero for immediate block) and the duration before the firewall rule is cleared.
As there is also an allowlist for my trusted networks, I’m never at risk of being locked out.
As I roll out 15.0-BETA3 I am also enabling this too. At some point the notifications will be annoying but right now it’s a great deal of satisfaction, hearing them trickle in every couple of hours.
#FreeBSD15 has an updated blocklistd daemon thanks to efforts from jlduran@ with help from emaste@ & myself, imported from NetBSD https://github.com/zoulasc/blocklist
Blocklistd is an additional hook into sshd from OpenBSD, that tracks failed attempts. It now blocks on failed usernames as well.
I added a small notification 
to the script and get a very satisfying notification every time one of my servers bans a crawler.
I should also extend this so that it handles more than just ssh, but also links into our web crawler detection tooling.
I also want to extend this script so that getting a ban one on server gets you a block on all of them :)
#FreeBSD15 I block these spammers for a week atm.
blocklistd allows you to specify the number of failures before you block (I set this to zero for immediate block) and the duration before the firewall rule is cleared.
As there is also an allowlist for my trusted networks, I’m never at risk of being locked out.
As I roll out 15.0-BETA3 I am also enabling this too. At some point the notifications will be annoying but right now it’s a great deal of satisfaction, hearing them trickle in every couple of hours.
Stefano Marinelli
boosted
#FreeBSD15 has an updated blocklistd daemon thanks to efforts from jlduran@ with help from emaste@ & myself, imported from NetBSD https://github.com/zoulasc/blocklist
Blocklistd is an additional hook into sshd from OpenBSD, that tracks failed attempts. It now blocks on failed usernames as well.
I added a small notification to the script and get a very satisfying notification every time one of my servers bans a crawler.
I should also extend this so that it handles more than just ssh, but also links into our web crawler detection tooling.
I also want to extend this script so that getting a ban one on server gets you a block on all of them :)
#FreeBSD15 has an updated blocklistd daemon thanks to efforts from jlduran@ with help from emaste@ & myself, imported from NetBSD https://github.com/zoulasc/blocklist
Blocklistd is an additional hook into sshd from OpenBSD, that tracks failed attempts. It now blocks on failed usernames as well.
I added a small notification to the script and get a very satisfying notification every time one of my servers bans a crawler.
I should also extend this so that it handles more than just ssh, but also links into our web crawler detection tooling.
I also want to extend this script so that getting a ban one on server gets you a block on all of them :)
Stefano Marinelli
boosted
Hello 15-STABLE BETA2 
😀
All working great, but PKGBASE is something, I need to get used to haha.
Hello 15-STABLE BETA2 😀
All working great, but PKGBASE is something, I need to get used to haha.