Hi all
Does any body here know where can i get a firewall for irc that blocks all kind of ports that i add.
For example if i add a port 31267 to firewall so that any body that is trying to use proxy/socks port 31267 will be automaticly stoped from the firewall. I have 2 proxy scanners installed but it doesnt help me at all.
I dont wanna just scan for open proxy i wanna block all kind of proxies secure or insecure doesnt matter.
And also i need a good ddos protection program if some body know where to bay all will bay it.
Thank you for any help
Firewall for irc
What you, guesti, are describing is not possible. From an incoming connection it is impossible to see if the user is from a proxy or not. You cannot solve that at firewall level.
You either have to scan, use dns blacklists (dnsbl's), or other counter measures, and even that is not a guarantee that you would catch everyon ;)
You either have to scan, use dns blacklists (dnsbl's), or other counter measures, and even that is not a guarantee that you would catch everyon ;)
-
guesti
Can you explain me a little bit please how to use the dns blacklists and where it is, and where are does other counter measures. And also if you know some softwares that at least help something in protecting ircd not for 100% but 30% would also help.Syzop wrote:use dns blacklists (dnsbl's), or other counter measures
Thanks for fast replay
-
ARcanUSNUMquam
- Posts: 17
- Joined: Fri Apr 01, 2005 1:31 am
- Contact:
Look up these two proxy scanners. BOPM (Blitzed Open Proxy Monitor, i think) and OPSB (Open Proxy Scanning Bot? not sure). They are highly effective.
A lot of people use BOPM, but if you use BOPM remember to reconfigure it to use another DNS Blacklist (DNSBL) because the default blacklist went down.
I personally think OPSB is a little less effective, and you have to load the entire neostats package on, and I don't like NeoStats.
A lot of people use BOPM, but if you use BOPM remember to reconfigure it to use another DNS Blacklist (DNSBL) because the default blacklist went down.
I personally think OPSB is a little less effective, and you have to load the entire neostats package on, and I don't like NeoStats.
Re: Firewall for irc
Well if u got root access then you can use "apf" in linux to block those port read the featureguesti wrote:Hi all
Does any body here know where can i get a firewall for irc that blocks all kind of ports that i add.
For example if i add a port 31267 to firewall so that any body that is trying to use proxy/socks port 31267 will be automaticly stoped from the firewall. I have 2 proxy scanners installed but it doesnt help me at all.
I dont wanna just scan for open proxy i wanna block all kind of proxies secure or insecure doesnt matter.
And also i need a good ddos protection program if some body know where to bay all will bay it.
Thank you for any help
http://www.r-fx.org/apf.php
./SLipKnOt --help
-
ARcanUSNUMquam
- Posts: 17
- Joined: Fri Apr 01, 2005 1:31 am
- Contact:
Try these threads on searchirc.org:MiNdErAsR wrote:Do you know of a viable alternate blacklist?ARcanUSNUMquam wrote:A lot of people use BOPM, but if you use BOPM remember to reconfigure it to use another DNS Blacklist (DNSBL) because the default blacklist went down.
http://searchirc.com/boards/viewtopic.p ... =blacklist
http://searchirc.com/boards/viewtopic.p ... =blacklist
Some of these blacklists may have died out. Make sure you check them out for a proper response before using them fully. Others may have bad banning policies or it may take forever to get a fixed/nonmalicious/dynamic IP off the list, which will screw with some of your users. The best one out there was the BOPM default one, but sadly it went down.
-
guesti
Re: Firewall for irc
How do i have to install this one? In the readme file i cant find the instruction for installing this script.SLipKnOt wrote:Well if u got root access then you can use "apf" in linux to block those port read the feature
http://www.r-fx.org/apf.php