CSEC_PUBLIC/How-To-Secure-A-Linux-Server
1
0
Fork 0
mirror of https://github.com/imthenachoman/How-To-Secure-A-Linux-Server.git synced 2025-12-06 09:12:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

UFW automatic blacklist rules

Browse Source
This commit is contained in:
sysadt
2023-11-08 22:55:14 +01:00
committed by GitHub
parent fe62dc3a11
commit db889584d3
1 changed files with 30 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
README.md
View File

@@ -1651,6 +1651,36 @@ Then you can enable it like any other app:
sudo ufw allow plexmediaserver
```
#### Automatic IP-Blacklisting
The [IPSum](https://github.com/stamparm/ipsum) project is hosting a blacklist of known malicious IP addresses which gets updated daily. You can automatically import these with UFW and [these scripts](https://github.com/sysadt/UFW-Automatic-IP-Blacklisting).
Create a directory for your blacklist and the scripts:
```
mkdir /opt/ip-blacklist
```
Download the scripts to the created directory:
```
wget https://raw.githubusercontent.com/sysadt/UFW-Automatic-IP-Blacklisting/main/ip-blacklist.sh -P /opt/ip-blacklist
wget https://raw.githubusercontent.com/sysadt/UFW-Automatic-IP-Blacklisting/main/update-blacklist.sh -P /opt/ip-blacklist
```
Change permissions:
```
chmod 700 /opt/ip-blacklist/ip-blacklist.sh
chmod 700 /opt/ip-blacklist/update-blacklist.sh
```
Add the scripts to a daily cronjob:
```
crontab -e
```
```
0 6 * * * /opt/ip-blacklist/update-blacklist.sh
10 6 * * * /opt/ip-blacklist/ip-blacklist.sh
```
([Table of Contents](#table-of-contents))
### iptables Intrusion Detection And Prevention with PSAD