1
0
mirror of https://github.com/toast-ts/Daggerbot-TS.git synced 2024-12-25 23:15:38 -05:00

Block vulnerability scanners from attacking the host.

This commit is contained in:
toast-ts 2024-01-21 21:50:29 +11:00
parent 1288147a52
commit 7c8c9cedd0
2 changed files with 26 additions and 0 deletions

1
.gitignore vendored
View File

@ -1,4 +1,5 @@
.env
ips.txt
# Yarn stuff
.yarn
# TypeScript stuff

25
ufwReject.sh Normal file
View File

@ -0,0 +1,25 @@
#!/bin/bash
if [ "$EUID" -ne 0 ]; then
echo "Please run this script as root or sudo"
exit 1
fi
# Store the IP addresses in a file
IP_ADDRESSES_STORE="ips.txt"
# Scan the kernel log for IP addresses and store them in a file
dmesg | grep 'SRC=' | awk -F'SRC=' '{ print $2 }' | awk '{ print $1 }' | sort | uniq | head -n 5000 > "$IP_ADDRESSES_STORE"
# Populate the UFW reject rule with the IP addresses collected from the kernel log
while IFS= read -r ip
do
# Check if the IP is already in the UFW rules
if ! ufw status | grep -q "$ip"
then
ufw reject from $ip
fi
done < "$IP_ADDRESSES_STORE"
echo "Done populating UFW reject rule"
exit 0