OpenBL.org - Blacklisting and Abuse Reporting

The OpenBL.org project (formerly known as the SSH blacklist) is about detecting, logging and reporting bruteforce attacks. Currently our hosts monitor port 21 (FTP) and 22 (SSH) for attacks. For every logged attack an email is sent out to the contacts listed in the whois information of the attacking hosts IP address, just a few seconds after the attack started. It is our hope that the responsible administrators use that information to quickly clean and secure the misused machines.

Additionally the IP gets published on a public blacklist (see below) which is updated every few minutes and contains IP addresses of hosts which tried to bruteforce into any of our currently 17 hosts (all running OpenBSD, FreeBSD or some Linux distribution). The hosts are located in Germany, the United States, United Kingdom, France, England, Ukraine, China, Czech Republic and setup to report and log those attempts to a central database, very similar to all the spam blacklists out there.

******************************************

If you are running some kind of virtualization technology that lets you run
virtual (Free|Open)BSD (prefered) or Linux hosts, got some spare ressources,
money or even a dedicated server, you could donate, do not hesitate to use
the email address below. All that is needed is approx. >=128 MB RAM, some
swap, >=1024 MB HDD space and, of cause, at least one external IP. Multiple
different IPs or small subnets increase the detection rate dramaticaly.

Amazon Wishlists:
amazon.de | amazon.co.uk | amazon.com

PayPal Donations are also accepted:

******************************************

The newest entries are always added to the top. An attack is logged as retry if the same IP is logged again either at least 48 hours later from the same host or from any other host that reports those attacks. To not get a too high retry count all hosts that report are within different IP ranges from different providers.

OpenBL.org Blacklisting and Abuse Reporting

The OpenBL.org project (formerly known as the SSH blacklist) is about detecting, logging and reporting bruteforce attacks. Currently our hosts monitor port 21 (FTP) and 22 (SSH) for attacks. For every logged attack an email is sent out to the contacts listed in the whois information of the attacking hosts IP address, just a few seconds after the attack started. It is our hope that the responsible administrators use that information to quickly clean and secure the misused machines. Additionally the IP gets published on a public blacklist (see below) which is updated every few minutes and contains IP addresses of hosts which tried to bruteforce into any of our currently 17 hosts (all running OpenBSD, FreeBSD or some Linux distribution). The hosts are located in Germany, the United States, United Kingdom, France, England, Ukraine, China, Czech Republic and setup to report and log those attempts to a central database, very similar to all the spam blacklists out there. **************************************** If you are running some kind of virtualization technology that lets you run virtual (Free\|Open)BSD (prefered) or Linux hosts, got some spare ressources, money or even a dedicated server, you could donate, do not hesitate to use the email address below. All that is needed is approx. >=128 MB RAM, some swap, >=1024 MB HDD space and, of cause, at least one external IP. Multiple different IPs or small subnets increase the detection rate dramaticaly. Amazon Wishlists: amazon.de \| amazon.co.uk \| amazon.com PayPal Donations are also accepted: **************************************** The newest entries are always added to the top. An attack is logged as retry if the same IP is logged again either at least 48 hours later from the same host or from any other host that reports those attacks. To not get a too high retry count all hosts that report are within different IP ranges from different providers. main IP list other lists / statistics Your IP is listed here? Delist yourself!

Latest News (taken from Twitter) Fri Dec 09 09:35:54 2011: Since Oct 2009, when the project was started, we now have logged over 35k attacks with over 20k unique IPs from 152 different countries. Wed Apr 06 06:43:28 2011: Yesterday we reached 2 limits. It was the 1st day with > 100 attacks and we now have more than 10000 IPs listed from almost 18000 attacks. Fri Apr 01 09:37:43 2011: And another "thank you" to http://www.34sp.com/ for also supporting us with a virtual server. More news ...

Contact: support{AT}openbl{D0T}org Donations: Thank you! Supported by: Dedicated Servers by ServerPronto BSDVM - BSD Virtual Machines CheapVPS.co.uk - Cheap UK OpenVZ, Xen & KVM VPS Dedicated and Virtual servers by Coolhousing Devaus FsckVPS.com - Cheap Unmanaged US VPS JustHost.in.ua - Just quality hosting in Ukraine RootBSD - The Hosting Specialists VPShosting.com.hk - Freedom of Dedicated. Fraction of Cost! Webangel - To push the leading edge of IT, achieveing the impossible Website Hosting provided by 34SP.com your.org - Your Source for Internet and E-Business Solutions

OpenBL.orgBlacklisting and Abuse Reporting

OpenBL.org
Blacklisting and Abuse Reporting