IRCForumları - IRC ve mIRC Kullanıcılarının Buluşma Noktası

slm arkadaslar BOPM Kurulumu (Blitzed Open Proxy Monitor) bu sistemi normal socket bot seklınde yada remotelere eklencek sekılde ayarlaya bılırmıyız? sistem üzerinde kurulmus halıne yakın bir şekle getirebılırmıyız? kısacası bu kadar sağlam bir koruma olmasada remotelere eklencek halı getirile bılırmı yardımcı olursanız sevınırım..

* Basic config for BOPM on EFnet by mofo, based on the sample configuration Contact [Üye Olmadan Linkleri Göremezsiniz. Üye Olmak için TIKLAYIN...] for questions/remarks/errors/suggestions. Last modified: Sat Apr 14 01:57:00 CEST 2007 */ options { pidfile = "/home/bopm/bopm.pid"; /* CHANGE THIS */ dns_fdlimit = 64; }; IRC { /* * * The next block is for setting up the irc part. * You do need to change this * */ nick = "bopm"; realname = "Open Proxy Monitor"; username = "bopm"; server = "trabzon.tr.eu.turkeynet.org"; # password = "secret"; port = 6667; oper = "bopm ****"; mode = "+x"; away = "I'm a bot. Your messages will be ignored."; channel { name = "#bopm"; # key = "somekey"; # invite = "privmsg chanserv :invite #bopm"; }; connregex = "\\*\\*\\* Notice -- Client connecting: ([^ ]+) \\(([^@]+)@([^\\)]+)\\) \\[([0-9\\.]+)\\].*"; /* * * %n User's nick * %u User's username * %h User's irc hostname * %i User's IP address * */ kline = "KLINE 1440 *@%h ON * :Open Proxy found on your IP %i . Please check your system and fix it."; }; OPM { /* * * Please check the validity of using : signs in the K-line reason. If it is not supported, * you should change the kline rules below to something without the : sign * */ blacklist { name = "ircbl.ahbl.org"; type = "A record reply"; ban_unknown = yes; reply { 2 = "Open proxy"; }; kline = "KLINE 1440 *@%i :DNSBL listed. Check ircnet.com/cgi-bin/bl.cgi?ip=%i for removal."; }; blacklist { name = "cbl.abuseat.org"; type = "A record reply"; reply { 2 = "Open proxy"; }; ban_unknown = no; kline = "KLINE 1440 *@%i :DNSBL listed. Check ircnet.com/cgi-bin/bl.cgi?ip=%i for removal."; }; blacklist { name = "tor.dnsbl.sectoor.de"; type = "A record reply"; reply { 1 = "Tor exit server"; }; ban_unknown = no; kline = "gline *@%i 1440 :Tor exit server detected. Visit [Üye Olmadan Linkleri Göremezsiniz. Üye Olmak için TIKLAYIN...] for info."; }; blacklist { name = "tor.dan.me.uk"; type = "A record reply"; reply { 100 = "Tor exit server"; }; ban_unknown = no; kline = "gline *@%i 1440 :Tor exit server detected."; }; blacklist { name = "tor.ahbl.org"; type = "A record reply"; reply { 2 = "Tor exit server"; }; ban_unknown = no; kline = "gline *@%i 1440 :Tor exit server detected."; }; blacklist { name = "rbl.efnet.org"; type = "A record reply"; reply { 1 = "Open proxy"; 2 = "Trojan spreader"; 3 = "Trojan infected client"; 4 = "TOR exit server"; 5 = "Drones / Flooding"; }; ban_unknown = no; kline = "gline *@%i 1440 :DNSBL listed. Check ircnet.com/cgi-bin/bl.cgi?ip=%i for removal."; }; blacklist { name = "dnsbl.dronebl.org"; type = "A record reply"; reply { 2 = "Sample"; 3 = "IRC Drone"; 5 = "Bottler"; 6 = "Unknown spambot or drone"; 7 = "DDOS Drone"; 8 = "SOCKS Proxy"; 9 = "HTTP Proxy"; 10 = "ProxyChain"; 13 = "Brute force attackers"; 14 = "Open Wingate Proxy"; 15 = "Compromised router / gateway"; 17 = "Automatically determined botnet IPs (experimental)"; 255 = "Unknown"; }; ban_unknown = no; kline = "gline *@%i 1440 You have a host listed in the DroneBL. For more information, visit http://dronebl.org/lookup_branded?ip=%i&network=Network"; }; # dnsbl_from = "mybopm@[Üye Olmadan Linkleri Göremezsiniz. Üye Olmak için TIKLAYIN...].org"; # dnsbl_to = "
Bu forumdaki linkleri ve resimleri görebilmek için en az 25 mesajınız olması gerekir.
"; # sendmail = "/usr/sbin/sendmail"; }; scanner { name="default"; /* * * The next block of protocols is generated from the * generated weekly blitzed lists and by a generated * list of all newly found open proxies via the anal * scans performed by the XS4ALL BOPM bots. * The lists reflect the top hits in the period * from 2007.01.01 - 2007.04.13 * * If you do not want to scan at all and only check * via the DNSBL's, you should comment all the * protocol lines out. I highly recommend you do * perform scans though. It's 165 in total, but it is * a good reflection of the most basic scans a * server should check on. * */ protocol = ROUTER:23; protocol = SOCKS4:559; protocol = HTTPPOST:3128; protocol = SOCKS4:1080; protocol = HTTP:8080; protocol = SOCKS5:1182; protocol = HTTP:3128; protocol = HTTPPOST:8080; protocol = SOCKS4:9999; protocol = HTTPPOST:80; protocol = SOCKS5:1080; protocol = HTTP:63000; protocol = HTTP:8000; protocol = HTTPPOST:808; protocol = HTTP:80; protocol = HTTPPOST:6588; protocol = HTTP:6588; protocol = SOCKS5:3128; protocol = SOCKS5:10080; protocol = HTTPPOST:4480; protocol = SOCKS4:6664; protocol = SOCKS4:63808; protocol = HTTP:6667; protocol = SOCKS4:19991; protocol = SOCKS4:1098; protocol = SOCKS4:10000; protocol = SOCKS4:4471; protocol = HTTP:65506; protocol = HTTP:63809; protocol = SOCKS5:9090; protocol = HTTP:9090; protocol = HTTP:6668; protocol = SOCKS4:58; protocol = SOCKS5:58; protocol = SOCKS4:6969; protocol = WINGATE:23; protocol = SOCKS5:3380; protocol = SOCKS4:40; protocol = SOCKS5:443; protocol = SOCKS4:8888; protocol = HTTPPOST:9090; protocol = HTTP:5490; protocol = SOCKS4:8080; protocol = SOCKS5:6969; protocol = SOCKS4:1026; protocol = SOCKS4:1025; protocol = HTTP:8888; protocol = HTTP:6669; protocol = HTTP:8090; protocol = HTTP:808; protocol = SOCKS5:1029; protocol = SOCKS4:41080; protocol = SOCKS5:8020; protocol = SOCKS5:6000; protocol = HTTPPOST:8081; protocol = HTTP:4480; protocol = SOCKS5:1027; protocol = SOCKS4:1028; protocol = HTTP:3332; protocol = SOCKS5:8888; protocol = SOCKS5:1028; protocol = SOCKS4:3330; protocol = SOCKS4:29992; protocol = SOCKS4:1234; protocol = SOCKS4:1029; protocol = HTTP:5000; protocol = HTTP:443; protocol = SOCKS5:1813; protocol = SOCKS5:1081; protocol = SOCKS5:1026; protocol = SOCKS4:1337; protocol = SOCKS4:1050; protocol = HTTP:1080; protocol = SOCKS5:9999; protocol = SOCKS5:9100; protocol = SOCKS5:19991; protocol = SOCKS5:1098; protocol = SOCKS4:9100; protocol = SOCKS4:7080; protocol = SOCKS4:1033; protocol = HTTP:9000; protocol = HTTP:5800; protocol = HTTP:5634; protocol = HTTP:4471; protocol = HTTP:3382; protocol = SOCKS5:1200; protocol = SOCKS5:1039; protocol = SOCKS5:1025; protocol = SOCKS4:8002; protocol = SOCKS4:6748; protocol = SOCKS4:44548; protocol = SOCKS4:3380; protocol = SOCKS4:32167; protocol = SOCKS4:2000; protocol = SOCKS4:1979; protocol = SOCKS4:12654; protocol = SOCKS4:11225; protocol = SOCKS4:1066; protocol = SOCKS4:1030; protocol = SOCKS4:1027; protocol = SOCKS4:10099; protocol = HTTP:81; protocol = HTTP:6665; protocol = HTTP:6664; protocol = HTTP:6663; protocol = SOCKS5:8278; protocol = SOCKS5:6748; protocol = SOCKS5:4914; protocol = SOCKS5:4471; protocol = SOCKS5:29992; protocol = SOCKS5:17235; protocol = SOCKS5:1234; protocol = SOCKS5:1202; protocol = SOCKS5:1180; protocol = SOCKS5:1075; protocol = SOCKS5:1033; protocol = SOCKS5:10000; protocol = SOCKS4:8020; protocol = SOCKS4:4044; protocol = SOCKS4:3128; protocol = SOCKS4:3127; protocol = SOCKS4:28882; protocol = SOCKS4:24973; protocol = SOCKS4:21421; protocol = SOCKS4:1182; protocol = SOCKS4:1032; protocol = SOCKS4:10242; protocol = HTTPPOST:8089; protocol = HTTP:8082; protocol = HTTP:6661; protocol = HTTP:35233; protocol = HTTP:19991; protocol = HTTP:1098; protocol = HTTP:1050; protocol = SOCKS5:9988; protocol = SOCKS5:8080; protocol = SOCKS5:8009; protocol = SOCKS5:6561; protocol = SOCKS5:24971; protocol = SOCKS5:18844; protocol = SOCKS5:1122; protocol = SOCKS5:10777; protocol = SOCKS5:1030; protocol = SOCKS5:10130; protocol = SOCKS5:10099; protocol = SOCKS4:8751; protocol = SOCKS4:8278; protocol = SOCKS4:8111; protocol = SOCKS4:7007; protocol = SOCKS4:6551; protocol = SOCKS4:5353; protocol = SOCKS4:443; protocol = SOCKS4:43341; protocol = SOCKS4:3801; protocol = SOCKS4:2280; protocol = SOCKS4:1978; protocol = SOCKS4:1212; protocol = SOCKS4:1039; protocol = SOCKS4:1031; protocol = HTTPPOST:81; protocol = HTTP:9988; protocol = HTTP:7868; protocol = HTTP:7070; protocol = HTTP:444; protocol = HTTP:1200; protocol = HTTP:1039; # vhost = "127.0.0.1"; /* * * Note: it is really important to have enough file descriptors * available to the bopm process. * Also check for enough sockets. FreeBSD users should check the * net.inet.ip.portrange.last sysctl setting. (I've changed my * setting to 40000) * */ fd = 10000; max_read = 4096; timeout = 12; /* * * To set up a target for your own, you can simply * add the following line to your /etc/services: * * bopm 11111/tcp * * and then add the following line to your /etc/inetd.conf * * bopm stream tcp nowait nobody /bin/echo echo Proxy Check * * of course you can change the port and the string to * whatever you want * */ target_ip = "95.0.76.240"; /* CHANGE ME */ target_port = 6667; /* CHANGE ME */ target_string = "Proxy Check"; /* CHANGE ME */ }; user { mask = "*!*@*"; scanner = "default"; }; exempt { mask = "*!*@127.0.0.1"; mask = "*!*@255.255.255.255"; };