Skip to content
/ autosecure Public
forked from cowgill/spamhaus

Shell script that grabs the latest drop lists and adds to iptables

License

GPL-3.0 license
1 star 21 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

vincentkoc/autosecure

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

34 Commits
.gitignore
.gitignore
 
 
LICENSE.md
LICENSE.md
 
 
README.md
README.md
 
 
autosecure.sh
autosecure.sh
 
 

Repository files navigation

Autosecure Bad-IP Blocking

Donate BTC Donate ETH

A shell script that grabs a number of spam block-lists such as Spamhaus DROP & EDROP Lists, DSheild, and Abuse.ch Free Hosts and Bad IPs and adds them to iptables to cut down on spam and other malicious activity.

Uses

  • Secure public facing servers to common treats by blacklisting IP's known for absue
  • Anti-DDOS to some level based on key threats
  • Speed and Realibility using a number of sources to secure servers

Sources Used

Spamhaus DROP List:		https://www.spamhaus.org/drop/drop.txt
Spamhaus EDROP List:		https://www.spamhaus.org/drop/edrop.txt
Dsheild Block List:		http://feeds.dshield.org/block.txt
Abuse.ch Block List:		https://zeustracker.abuse.ch/blocklist.php?download=ipblocklist

Installation

Place the script somewhere on your server.

# Download the script
curl -LO https://github.com/koconder/autosecure/raw/master/autosecure.sh

### make it executable
chmod +x autosecure.sh

### set it loose
sudo ./autosecure.sh

### confirm the rules have been added
sudo iptables -L Autosecure -n

Run-time Flags

To run without output "quite mode", usefull for cronjobs you can use:

./autosecure.sh -q

Automatic Updating

In order for the list to automatically update each day, you'll need to setup a cron job with crontab.

# fire up the crontab (no sudo)
crontab -e

### run the script every day at 3am
0 3 * * * /{install location}/autosecure.sh -q

Troubleshooting

If you need to remove all the Autosecure rules, run the following:

sudo iptables -F Autosecure
sudo iptables -F AutosecureAct

Contributing and Donations

If you find something interesting or would like to contribute, please open issue and start disccussion. Feel free to fork and pull request. If this repo has helped you out feel free to donate via BTC/ETH or to the EFF

Licences & Contributors

This script is licenced under GNU GPL v3, please read LICENCE.md for more information.

Based on the initial work from @cowgill and Vivek Gite (nixCraft). The initial work has been since updated with a number of additional sources. All contributions and merges from:

David @cowgill
Vincent Koc @koconder
Volkan @volkan-k
Anasxrt @Anasxrt
ShamimIslam @ShamimIslam

About

Shell script that grabs the latest drop lists and adds to iptables

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

3 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Shell 100.0%