Leo Leoncio leowebguy
leowebguy
/ block_badips.sh
Created
May 30, 2017 18:13
— forked from Aikhjarto/block_badips.sh
Fetch a list of known brute force attackers from badips.com and apply/update iptables DROP rules
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # This script downloads a list of IPs known for brute force attacking within the last two weeks. | |
| # The fetched IPs get blocked with iptables with the special comment "BADIP". This script only | |
| # modifies iptables rules with that comment. This measure makes it well compatible with other firewall | |
| # scripts like the SUSEFirewall. | |
| # The iptables rules are updated every time this script is executed. Additionally this script is | |
| # quiet on stdout, which makes it well suited for being executed as a cronjob. | |
| # | |
| # Please also use fail2ban with the badips modification and help to maintain the list of attackers. | |
| # See also: fail2ban and http:///www.badips.com |