Advertisement

You are here: Home > Irc > Bopm


How to Install BOPM


Blitzed Open Proxy Monitor (BOPM) is a proxy monitor that scans all incoming connections to a server (or network depending on configuration). When a client connects BOPM scans the client for open proxies, it then determines whether they are really open by using them to connect back to the server.

wget http://ircd.zemra.org/irc/bopm-3.1.3.tar.gz
tar -xvf bopm-3.1.3.tar.gz
rm -rf bopm-3.1.3.tar.gz
cd bopm-3.1.3
./configure --prefix=/home/USER/bopm (type pwd to find out the full path)
make
make install
cd
cd bopm/etc
pico bopm.conf


/* This is a modified bopm.conf
* http://www.zemra.org
* LAST MODIFIED: 2010-11-20
*/

options {
/* Full path and filename for file storing the process ID */ (type pwd to find out the full path)
pidfile = �/home/EviL/bopm/bopm.pid�;

/* seconds to store the IP address of hosts */
#    negcache = 3600;

/* Amount of file descriptors to allocate to asynchronous DNS */
dns_fdlimit = 64;

/* full path and filename of scan logfile */
#    scanlog = �/home/EviL/bopm/scan.log�;
};

IRC {
/* IP to bind to for the IRC connection */
vhost = �72.20.42.110�;

/* Nickname for BOPM to use */
nick = �TheHawk�;

/* Text to appear in the �realname� field of BOPM�s whois output */
realname = �Open Proxy Monitoring�;

/* If you don�t have an identd running, what username to use */
username = �nix�;

/* Hostname (or IP) of the IRC server */
server = �72.20.42.110�;

/* Password used to connect to the IRC server (PASS) */
#    password = �secret�;

/* Connect to IRC server via this port */
port = 6667;

/* Command to identify to NickServ */
#    nickserv = �privmsg nickserv :identify <password>�;

/* The username and password needed for BOPM to oper up */
oper = �BOPM bopmoperpass�;

/* with the following modes this BOPM will see ALL network Connections
* See Unreal documentation for more information on user modes
*/
mode = �+s +cF�;

/* Specify BOPM control channel(s) */
channel {
/* Channel name. */
name = �#Staff�;

/* Channel key */
key = �<channel-key>�;

/* command used to ask chanserv for invite */
#        invite = �privmsg chanserv :invite #bopm�;
};

/* connregex is a POSIX regular expression used to parse connection
* (+c) notices from the ircd. The complexity of the expression should
* be kept to a minimum so load is @ a minimum even during �heavy� traffic */

/* Unreal in HCN mode */
#    connregex = �\\*\\*\\* Notice � Client connecting: ([^ ]+) \\(([^@]+)@([^\\)]+)\\) \\[([0-9\\.]+)\\].*�;
connregex = �\\*\\*\\* Notice � Client connecting[.A-Za-z0-9 ]*: ([^ ]+) \\(([^@]+)@([^\\)]+)\\) \\[([0-9\\.]+)\\].*�;

/* default kline
*  %n User�s nick
*  %u User�s username     � REMEMBER!
*  %h User�s irc hostname � bots (& blacklists) don�t necessarily have (contain) hostnames
*  %i User�s IP address   � but they ALWAYS have IPs */
kline = �gline +*@%i 7d :Open Proxy found on your host.�;

/* Text to send on connection. Specify multiple with multiple lines. */
perform = �PROTOCTL HCN�;
};

OPM {

blacklist {
name = �rbl.efnetrbl.org�;
type = �A record reply�;
reply {
1 = �Open proxy�;
2 = �spamtrap666?;
3 = �spamtrap50?;
4 = �TOR exit server�;
5 = �Drones / Flooding�;
};
ban_unknown = no;
kline = �gline +*@%i 0 :4An open proxy was detected in your host1 � EFnetRBL�;
};

blacklist {
name = �dnsbl.dronebl.org�;
type = �A record reply�;
reply {
3 = �IRC Drone�;
4 = �Tor�;
5 = �Bottler�;
6 = �Unknown spambot or drone�;
7 = �DDOS Drone�;
8 = �SOCKS Proxy�;
9 = �HTTP Proxy�;
10 = �ProxyChain�;
};
ban_unknown = no;
kline = �gline +*@%i 0 :4An open proxy was detected in your host1 � DroneBL�;
};

blacklist {
name = �dnsbl.njabl.org�;
type = �A record reply�;
reply {
2 = �Open Relay�;
4 = �Confirmed Spam Source�;
9 = �Open Proxy�;
};
ban_unknown = no;
kline = �gline +*@%i 0 :4An open proxy was detected in your host1 � NJABL�;
};

blacklist {
name = �dnsbl.swiftbl.org�;
type = �A record reply�;
reply {
2 = �SOCKS Proxy�;
3 = �IRC Proxy�;
4 = �HTTP Proxy�;
5 = �IRC Drone�;
6 = �TOR�;
};
ban_unknown = no;
kline = �gline +*@%i 0 :4An open proxy was detected in your host1 � SwiftBL�;
};

blacklist {
name = �dnsbl.proxybl.org�;
type = �A record reply�;
reply {
2 = �Open proxy�;
};
ban_unknown = no;
kline = �gline +*@%i 0 :4An open proxy was detected in your host1 � ProxyBL�;
};

/* the next two entries might match too many IPs
* so they�re commented out for now
*/

/*
blacklist {
name = �dnsbl-2.uceprotect.net�;
type = �A record reply�;
reply {
2 = �Matched Entry�;
};
ban_unknown = no;
kline = �gline +*@%i 7d :uceprotect�;
};

blacklist {
name = �xbl.spamhaus.org�;
type = �A record reply�;
reply {
4 = �CBL Detected Address�
};
ban_unknown = no;
kline = �gline +*@%i 7d :4An open proxy was detected in your host1 � SpamhausXBL�;
};
*/
/* Pretend to send reports FROM */
#    dnsbl_from = �[email protected]�;

/* Email address to send reports TO.  Specify multiple with multiple lines. */
#    dnsbl_to = �[email protected]�;

/* Full path to your sendmail binary */
#    sendmail = �/usr/sbin/sendmail�;
};

/* Exempt hosts matching (hostname or IP) strings from any form of scanning or dnsbl */
exempt {
mask = �*!*@127.0.0.1?;
};

exempt {
mask = �*!*@72.20.42.*�; # Zemra.Org SHELL IP
};

cd ..
cd bin
./bopm


Written by DeviL
www.Zemra.Org
Email: [email protected]

Do your have a problem with bots and drones connecting to your server? Have you been looking for a BOPM BlackList 2016 that will catch most of the proxies connecting to your server? Have a try with this list I bet you`ll be satisfied!


blacklist {
name = "opm.blitzed.org";
type = "A record bitmask";
ban_unknown = yes;
reply {
1 = "WinGate";
2 = "Socks";
4 = "HTTP";
8 = "Router";
16 = "HTTP POST";
};
kline = "KLINE 10080 *@%i :Sorry, %n, Open Proxy found on your host. Please visit www.blitzed.org/proxy?ip=%i for more information.";
};

blacklist {
name = "dnsbl.njabl.org";
type = "A record reply";
reply {
9 = "Open proxy";
};
ban_unknown = no;
kline = "KLINE 10080 *@%i :%n, Your IP, %i, is in our Open Proxy List.. www.njabl.org/cgi-bin/lookup.cgi?query=%i";
};

blacklist {
name = "dnsbl.swiftbl.org";
type = "A record reply";
reply {
2 = "SOCKS Proxy";
3 = "HTTP Proxy";
4 = "IRC Drone";
};
ban_unknown = no;
kline = "gline +*@%h 10000 :Your host is listed in SwiftBL. For further information and removal visit http://swiftbl.org/lookup";
};

blacklist {
name = "virbl.dnsbl.bit.nl";
type = "A record reply";
ban_unknown = yes;
reply {
2 = "Virus";
};
kline = "KLINE 10080 *@%i :%n, Your IP, %i, is in our Virus List.. http://virbl.bit.nl/list.php";
};

blacklist {
name = "ircbl.ahbl.org";
type = "A record reply";
ban_unknown = yes;
reply {
2 = "Abusive";
};
kline = "KLINE 10080 *@%i :%n, Your IP, %i, is in our DDoS/Drone/Spammer/Abuse List.. http://www.ahbl.org/tools/lookup.php?ip=%i";
};

blacklist {
name = "tor.dnsbl.sectoor.de";
type = "A record reply";
reply {
1 = "Tor exit server";
};
ban_unknown = no;
kline = "KLINE 10080 *@%i :%n, Your IP, %i, is in our TOR Server List.. http://www.sectoor.de/tor.php?ip=%i";
};

blacklist {
name = "rbl.efnetrbl.org";
type = "A record reply";
ban_unknown = no;
reply {
1 = "Open Proxy";
2 = "spamtrap666";
3 = "spamtrap50";
4 = "TOR";
5 = "Drones / Flooding";
};
kline = "KLINE 1440 *@%h :Blacklisted Proxy found. Visit http://rbl.efnetrbl.org/?i=%i for info.";
};

blacklist {
name = "tor.ahbl.org";
type = "A record reply";
reply {
2 = "Tor exit server";
};
ban_unknown = no;
kline = "KLINE 10080 *@%i :%n, Your IP, %i, is in our TOR Server List.. http://www.ahbl.org/tools/lookup.php?ip=%i";
};

blacklist {
name = "no-more-funn.moensted.dk";
type = "A record reply";
ban_unknown = no;
reply {
10 = "Open Proxy";
};
kline = "KLINE 10080 *@%i :%n, Your IP, %i, is in our Open Proxy List.. http://moensted.dk/spam/no-more-funn?addr=%i";
};

blacklist {
name = "dnsbl.sorbs.net";
type = "A record reply";
ban_unknown = no;
reply {
2 = "Open HTTP Proxy";
3 = "Open Socks Proxy";
4 = "Other Open Proxy";
};
kline = "KLINE 10080 *@%i :%n, Your IP, %i, is in our Open Proxy List as a %t.. http://dnsbl.sorbs.net/cgi-bin/db?IP=%i";
};

blacklist {
name = "spbl.bl.winbots.org";
type = "A record reply";
ban_unknown = yes;
reply {
1 = "Test";
2 = "UnderNet Spam";
3 = "QuakeNet Spam";
4 = "Winbots Spam";
};
kline = "KLINE 10080 *@%i :%n, Your IP, %i, is in our %t List.. Email [email protected] to get this resolved.";
};

blacklist { name = "dronebl.noderebellion.net";
type = "A record reply";
ban_unknown = no;> reply { 3 = "IRC spam drone (litmus/sdbot)";
4 = "Tor anonymous proxy";
5 = "IRC DDoS drone (wisdom/agobot/phatbot/rxbot)";
10 = "Open proxy";
14 = "Unknown worm/bot (found in DDoS attack by dronebl user)";
17 = "Unknown worm/bot (found scanning NodeRebellion's IP network)";
19 = "Open proxy (proxychain)";
};
kline = "KLINE 10080 *@%i :Your IP (%i), is listed as a %t in the DroneBL, see http://www.noderebellion.net/tools/lookup/?ip=%i";
};

blacklist {
name = "tor.sectoor.de";
type = "A record reply";
reply {
1 = "tor exit server";
};
ban_unknown = no;
kline = "KLINE *@%i 7d :You are in the tor.sectoor.de DNSBL. Please visit http://www.sectoor.de/tor.php?ip=%i";
};