OpenBL.org

Abuse Reporting and Blacklisting


Home News Lists Statistics Services Privacy Donate! FAQ Contact MyLogin

The OpenBL.org project (formerly known as the SSH blacklist) is about detecting, logging and reporting various types of internet abuse. Currently our hosts monitor ports 21 (FTP), 22 (SSH), 23 (TELNET), 25 (SMTP), 110 (POP3), 143 (IMAP), 587 (Submission), 993 (IMAPS) and 995 (POP3S) for bruteforce login attacks as well as scans on ports 80 (HTTP) and 443 (HTTPS) for vulnerable installations of phpMyAdmin and other web applications. For every logged attack an email is sent out to the contacts listed in the whois record and/or the reverse IP SOA information of the attacking hosts IP address, just a few seconds after the attack or scan started. It is our hope that the responsible administrators use the provided information to quickly secure and clean the misused and probably compromised hosts.

Additionally the IP gets published on a public blacklist, which is updated every few minutes and contains IP addresses of hosts which attacked any of our currently 43 hosts (all running OpenBSD or some Linux distribution). The hosts are located all around the world and setup to report and log those attempts to a central database, very similar to all the spam blacklists out there.

The newest entries are always added to the top of the lists. An attack is logged as retry if the same IP is logged again at least 48 hours later from the same host or from any other host that reports those attacks. To prevent a too high retry count all hosts that report are within different IP ranges from different providers.

Most of our abuse reports come from hosts that were donated to the project from individuals or companies. Without this generous help the project wouldn't be possible! If you like what we are doing and use our service please think about if there is anything you (or your company) can do to help to improve our service even more.

You received a mail that your IP is listed here?
Delist yourself!

Latest News
(taken from Twitter)
  • Mon Apr 14 15:40:45 2014 UTC:
    Our thanks go to Cloud I.T. Canada (https://t.co/y8e8WccrHv) for donating a virtual machine to our service.

  • Tue Apr 01 08:55:40 2014 UTC:
    Breaking News: The OpenBL project has been bought by Facebook for $10M. Now that funding isn't an issue anymore you can expect great stuff

  • Sat Feb 15 20:26:22 2014 UTC:
    Wow, we had a HUGE increase of attacks during the last months. In 08/2013 we had 5k and in 01/2014 it were 15k with an overall total of 150k

More news ...


Contact:
support{AT}openbl{D0T}org

OpenBL.org is supported by:


Valid HTML 5 Valid CSS!