BOPM

How To Install BOPM
Si Instalohet BOPM

Blitzed Open Proxy Monitor (BOPM) is a proxy monitor that scans all incoming connections to a server (or network depending on configuration). When a client connects BOPM scans the client for open proxies, it then determines whether they are really open by using them to connect back to the server.
1. wget http://static.blitzed.org/www.blitzed.org/bopm/files/bopm-3.1.3.tar.gz
2. tar -xvf bopm-3.1.3.tar.gz
3. rm -rf bopm-3.1.3.tar.gz
4. cd bopm-3.1.3
5. ./configure --prefix=/home/user/bopm
6. make
7. make install
8. cd
9. cd bopm/etc
10. pico bopm.conf

/* This is a modified bopm.conf
* https://www.zemra.org
* LAST MODIFIED: 2010-11-20
*/

options {
/* Full path and filename for file storing the process ID */
pidfile = “/home/EviL/bopm/bopm.pid”;

/* seconds to store the IP address of hosts */
#    negcache = 3600;

/* Amount of file descriptors to allocate to asynchronous DNS */
dns_fdlimit = 64;

/* full path and filename of scan logfile */
#    scanlog = “/home/EviL/bopm/scan.log”;
};

IRC {
/* IP to bind to for the IRC connection */
vhost = “72.20.42.110”;

/* Nickname for BOPM to use */
nick = “TheHawk”;

/* Text to appear in the “realname” field of BOPM’s whois output */
realname = “Open Proxy Monitoring”;

/* If you don’t have an identd running, what username to use */
username = “nix”;

/* Hostname (or IP) of the IRC server */
server = “72.20.42.110”;

/* Password used to connect to the IRC server (PASS) */
#    password = “secret”;

/* Connect to IRC server via this port */
port = 6667;

/* Command to identify to NickServ */
#    nickserv = “privmsg nickserv :identify <password>”;

/* The username and password needed for BOPM to oper up */
oper = “BOPM bopmoperpass”;

/* with the following modes this BOPM will see ALL network Connections
* See Unreal documentation for more information on user modes
*/
mode = “+s +cF”;

/* Specify BOPM control channel(s) */
channel {
/* Channel name. */
name = “#Staff”;

/* Channel key */
key = “<channel-key>”;

/* command used to ask chanserv for invite */
#        invite = “privmsg chanserv :invite #bopm”;
};

/* connregex is a POSIX regular expression used to parse connection
* (+c) notices from the ircd. The complexity of the expression should
* be kept to a minimum so load is @ a minimum even during ‘heavy’ traffic */

/* Unreal in HCN mode */
#    connregex = “\*\*\* Notice — Client connecting: ([^ ]+) \(([^@]+)@([^\)]+)\) \[([0-9\.]+)\].*”;
connregex = “\*\*\* Notice — Client connecting[.A-Za-z0-9 ]*: ([^ ]+) \(([^@]+)@([^\)]+)\) \[([0-9\.]+)\].*”;

/* default kline
*  %n User’s nick
*  %u User’s username     – REMEMBER!
*  %h User’s irc hostname – bots (& blacklists) don’t necessarily have (contain) hostnames
*  %i User’s IP address   – but they ALWAYS have IPs */
kline = “gline +*@%i 7d :Open Proxy found on your host.”;

/* Text to send on connection. Specify multiple with multiple lines. */
perform = “PROTOCTL HCN”;
};

OPM {

blacklist {
name = “rbl.efnetrbl.org”;
type = “A record reply”;
reply {
1 = “Open proxy”;
2 = “spamtrap666”;
3 = “spamtrap50”;
4 = “TOR exit server”;
5 = “Drones / Flooding”;
};
ban_unknown = no;
kline = “gline +*@%i 0 :4An open proxy was detected in your host1 – EFnetRBL”;
};

blacklist {
name = “dnsbl.dronebl.org”;
type = “A record reply”;
reply {
3 = “IRC Drone”;
4 = “Tor”;
5 = “Bottler”;
6 = “Unknown spambot or drone”;
7 = “DDOS Drone”;
8 = “SOCKS Proxy”;
9 = “HTTP Proxy”;
10 = “ProxyChain”;
};
ban_unknown = no;
kline = “gline +*@%i 0 :4An open proxy was detected in your host1 – DroneBL”;
};

blacklist {
name = “dnsbl.njabl.org”;
type = “A record reply”;
reply {
2 = “Open Relay”;
4 = “Confirmed Spam Source”;
9 = “Open Proxy”;
};
ban_unknown = no;
kline = “gline +*@%i 0 :4An open proxy was detected in your host1 – NJABL”;
};

blacklist {
name = “dnsbl.swiftbl.org”;
type = “A record reply”;
reply {
2 = “SOCKS Proxy”;
3 = “IRC Proxy”;
4 = “HTTP Proxy”;
5 = “IRC Drone”;
6 = “TOR”;
};
ban_unknown = no;
kline = “gline +*@%i 0 :4An open proxy was detected in your host1 – SwiftBL”;
};

blacklist {
name = “dnsbl.proxybl.org”;
type = “A record reply”;
reply {
2 = “Open proxy”;
};
ban_unknown = no;
kline = “gline +*@%i 0 :4An open proxy was detected in your host1 – ProxyBL”;
};

/* the next two entries might match too many IPs
* so they’re commented out for now
*/

/*
blacklist {
name = “dnsbl-2.uceprotect.net”;
type = “A record reply”;
reply {
2 = “Matched Entry”;
};
ban_unknown = no;
kline = “gline +*@%i 7d :uceprotect”;
};

blacklist {
name = “xbl.spamhaus.org”;
type = “A record reply”;
reply {
4 = “CBL Detected Address”
};
ban_unknown = no;
kline = “gline +*@%i 7d :4An open proxy was detected in your host1 – SpamhausXBL”;
};
*/
/* Pretend to send reports FROM */
#    dnsbl_from = “[email protected]”;

/* Email address to send reports TO.  Specify multiple with multiple lines. */
#    dnsbl_to = “[email protected]”;

/* Full path to your sendmail binary */
#    sendmail = “/usr/sbin/sendmail”;
};

/* Exempt hosts matching (hostname or IP) strings from any form of scanning or dnsbl */
exempt {
mask = “*!*@127.0.0.1”;
};

exempt {
mask = “*!*@72.20.42.*”; # Zemra.Org SHELL IP
};

12. cd ..
13. cd bin
14. ./bopm

Written by DeviL
www.Zemra.Org
Email: [email protected]