From db889584d32688c98c86c1a4ad594a1ec724c179 Mon Sep 17 00:00:00 2001 From: sysadt Date: Wed, 8 Nov 2023 22:55:14 +0100 Subject: [PATCH 1/2] UFW automatic blacklist rules --- README.md | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/README.md b/README.md index f2f2c73..d41ed51 100644 --- a/README.md +++ b/README.md @@ -1651,6 +1651,36 @@ Then you can enable it like any other app: sudo ufw allow plexmediaserver ``` +#### Automatic IP-Blacklisting + +The [IPSum](https://github.com/stamparm/ipsum) project is hosting a blacklist of known malicious IP addresses which gets updated daily. You can automatically import these with UFW and [these scripts](https://github.com/sysadt/UFW-Automatic-IP-Blacklisting). + +Create a directory for your blacklist and the scripts: +``` +mkdir /opt/ip-blacklist +``` + +Download the scripts to the created directory: +``` +wget https://raw.githubusercontent.com/sysadt/UFW-Automatic-IP-Blacklisting/main/ip-blacklist.sh -P /opt/ip-blacklist +wget https://raw.githubusercontent.com/sysadt/UFW-Automatic-IP-Blacklisting/main/update-blacklist.sh -P /opt/ip-blacklist +``` + +Change permissions: +``` +chmod 700 /opt/ip-blacklist/ip-blacklist.sh +chmod 700 /opt/ip-blacklist/update-blacklist.sh +``` + +Add the scripts to a daily cronjob: +``` +crontab -e +``` +``` +0 6 * * * /opt/ip-blacklist/update-blacklist.sh +10 6 * * * /opt/ip-blacklist/ip-blacklist.sh +``` + ([Table of Contents](#table-of-contents)) ### iptables Intrusion Detection And Prevention with PSAD From fbd72e25caa2c176952452fb91b8f28ab70c1779 Mon Sep 17 00:00:00 2001 From: sysadt Date: Thu, 9 Nov 2023 11:11:39 +0100 Subject: [PATCH 2/2] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index d41ed51..cc2536a 100644 --- a/README.md +++ b/README.md @@ -1674,7 +1674,7 @@ chmod 700 /opt/ip-blacklist/update-blacklist.sh Add the scripts to a daily cronjob: ``` -crontab -e +sudo crontab -e ``` ``` 0 6 * * * /opt/ip-blacklist/update-blacklist.sh