blocking lame botnets

 #!/bin/sh


if [ -z "$1" ] ; then

echo please provide the ip to ban

exit

fi


if [ -z "$2" ] ; then

echo please provide the reason as a string with underscores

echo eg tried_to_hack_dns

echo if you provide the reason as http-hacker it will

echo prevent this ip from accessing http ports

exit

fi 


if [ -z "`grep $1 /etc/hosts.deny`" ] ; then

echo "# "$2 >> /etc/hosts.deny

if [ "$2" != "http-hacker" ] ; then

echo "sshd,pop,pop3,smb,imap,afp,ftp: "$1 >> /etc/hosts.deny

fi

if [ "$2" = "http-hacker" ] ; then

        echo "sshd,pop,pop3,smb,imap,afp,ftp,http,https: "$1 >> /etc/hosts.deny

        fi

echo "Added the following to hosts.deny:"

tail -n2 /etc/hosts.deny

ourIp="[insert here]"

echo "iptables -t filter -I INPUT -s $1 -p tcp --dport 22 -d $ourIp -j REJECT etc, etc"

iptables -t filter -I INPUT -s $1 -p tcp --dport 22 -d $ourIp -j REJECT

iptables -t filter -I INPUT -s $1 -p tcp --dport 110 -d $ourIp -j REJECT

iptables -t filter -I INPUT -s $1 -p tcp --dport 143 -d $ourIp -j REJECT

iptables -t filter -I INPUT -s $1 -p tcp --dport 548 -d $ourIp -j REJECT

iptables -t filter -I INPUT -s $1 -p tcp --dport 20 -d $ourIp -j REJECT

iptables -t filter -I INPUT -s $1 -p tcp --dport 21 -d $ourIp -j REJECT

iptables -t filter -I INPUT -s $1 -p tcp --dport 445 -d $ourIp -j REJECT

if [ "$2" = "http-hacker" ] ; then

iptables -t filter -I INPUT -s $1 -p tcp --dport 80 -d $ourIp -j REJECT

iptables -t filter -I INPUT -s $1 -p tcp --dport 443  -d $ourIp -j REJECT

fi

iptables-save > /etc/sysconfig/iptables.save

fi

if [ "`grep $1 /etc/hosts.deny`" = "" ] ; then

echo $1" is already in hosts.deny"

fi


/scripts/ban-email $1 $2


echo "DONT FORGET TO TRY SSH IN TO CHECK THE FIREWALL HASNT LOCKED YOU OUT"


echo $1 >> /root/hackers




and ban-email script:


#!/bin/sh


if [ -z "$1" ] ; then

echo please provide the ip or address to ban

exit

fi


if [ -z "$2" ] ; then

echo please provide the reason as a string with underscores

echo eg spammer

exit

fi 


if [ -z "`grep $1 /etc/mail/access`" ] ; then

# we've not banned them before

echo "# "$2 >> /etc/mail/access

echo $1"      DENY" >> /etc/mail/access

cd /etc/mail ; make ; cd - 2> /dev/null 1>/dev/null

echo "Added the following to mail-access:"

tail -n2 /etc/mail/access

# echo "blacklist_from $1" >> /etc/mail/sa-blacklist

#/scripts/sa-restart

exit

fi

if [ "`grep $1 /etc/mail/access`" != "" ] ; then

echo "not adding $1 - alreading in mail.access"

exit

fi


Popular posts from this blog

Automatically Fix Song Metadata and Filenames on Linux with Beets

 🎵 Automatically Fix Song Metadata and Filenames on Linux with Beets Tired of sorting through unknown MP3s with cryptic filenames like Track01.mp3? Sick of missing album info, incorrect genres, and zero cover art? Here's a clean way to batch-fix your music collection with open source tools — no manual editing required. ✅ What You’ll Use beets — the core tool that organizes, renames, and tags your music by matching against the MusicBrainz database. libchromaprint-tools — provides fpcalc, which generates audio fingerprints to identify unlabeled tracks. ffmpeg (optional) — used by beets for transcoding or embedded cover art processing. 🔧 Installation sudo apt update sudo apt install beets libchromaprint-tools ffmpeg 🚀 One Command to Organize It All beet import /path/to/your/music/ Beets will: Fingerprint each file Query MusicBrainz for metadata Rename files (e.g., Artist - Title.mp3) Write correct ID3/metadata tag Optionally move files into organized folders 📁 Example Output Your ...
Read more

throttle traffic on apache

sudo apt install apache2-utils sudo apt install libapache2-mod-evasive vi /etc/apache2/mods-enabled/evasive.conf service apache restart edit it and set values as per below or whatever else you like, the time quantities are seconds     DOSSiteInterval     1     DOSBlockingPeriod   10     #DOSLogDir           "/var/lock/mod_evasive"
Read more

script to show all files with disk usage sizes

Normally to get the disk usage of a folder you use get properties on the rightclick or similar. However there are hidden files starting with . in their name that you can get info on, only in the terminal, using the  du -sh  command. If you have hundreds of them (which you do!) this becomes tedious. The following script gives you a directory listing with the files all indicated in file sizes and highlights on files of megabytes or gigabytes in size.  #!/bin/bash # Set Internal Field Separator to handle spaces in filenames IFS=$'\n' # Loop through all files and directories for i in $(/bin/ls -A); do        size=$(du -sh "$i" | awk '{print $1}')           # Apply colors: bold for MB, bright bold for GB      case "$size" in          *M) color="\e[1m" ;;         # Bold for Megabytes          *G) color="\e[1;97m" ;;      # Br...
Read more