JadedDragoon

#!/bin/bash
# Script for blocking IPs which have been reported to www.badips.com
#   via ipsets.
#
# - THIS SCRIPT DOES NOT BLOCK ANYTHING -
# This script only updates ipsets with applicable data from
# badips.com. Actually blocking the ips in that ipset is left
# up to the user (so that you may do so however you prefer).
#
# Additionally, this script does not persist the ipsets through

mgaulton

# so recently I had an issue where I wanted to send email sent to a local user root (from logwatch, e.g.) to a different email address
# simple enough -- just add a ~root/.forward file, with the contents root-handler-testing@gmail.com
# all the email gets sent there...
# but the email shows up with a to: header of root@my-example-machine.com
# what I really want is the to: header to be root-handler-testing@gmail.com
# so I can filter emails, etc...  below is how to do that.

#uncomment the following line in /etc/postfix/main.cf
#header_checks = regexp:/etc/postfix/header_checks

alirobe

### 
###
### UPDATE: For Win 11, I recommend using this tool in place of this script: 
### https://christitus.com/windows-tool/
### https://github.com/ChrisTitusTech/winutil
### https://www.youtube.com/watch?v=6UQZ5oQg8XA
### iwr -useb https://christitus.com/win | iex
###
###

catacs

#!/bin/bash

echo "Baned last log"
awk '($(NF-1) = /Ban/){print $NF}' /var/log/fail2ban.log | sort | uniq -c | sort -n
echo "------------ Baned in all files  --------------"
zgrep -h "Ban " /var/log/fail2ban.log* | awk '{print $NF}' | sort | uniq -c
echo "------------ Baned by subnet --------------------"
zgrep -h "Ban " /var/log/fail2ban.log* | awk '{print $NF}' | awk -F\. '{print $1"."$2"."}' | sort | uniq -c  | sort -n | tail
echo "------------ Baned by date -------------------------"
zgrep -h "Ban " /var/log/fail2ban.log* | awk '{print $5,$1}' | sort | uniq -c

nawawi

# file /etc/fail2ban/jail.conf
[rutweb-badbot]
enabled  = true
filter   = rutweb-badbot
action   = iptables-multiport[name=badbot, port="80,443"]
logpath  = /var/log/httpd/badbot.log
bantime  = 600
maxretry = 1
# end file

samuraee

#!/bin/sh
# block torrent traffic by iptable/firewall for VPN/Proxy server
# me@tartan.pro

# Delete all existing rules
iptables -F

# Set default chain policies
iptables -P INPUT DROP
iptables -P FORWARD DROP

Belphemur

# Fail2Ban configuration file
#
# Author: Cyril Jaquier
# Modified: Yaroslav O. Halchenko <debian@onerussian.com>
#                       made active on all ports from original iptables.conf
# Modified: Antoine Aflalo <antoine@aaflalo.me>
#                       Used the iptables-allports.conf as base for TARPIT.
#
#

gothicx

jail.conf:
[apache-antiloris]
enabled  = true
filter   = antiloris
action   = iptables-multiport[name=apache-antiloris,port="80,443"]
logpath  = /var/log/httpd/error_log

filter.d/antiloris.conf:
[Definition]
# Option:  failregex

trepmal

# /etc/fail2ban/filter.d/honeypot.conf
#
# Fail2Ban configuration file
#
# Author: Charles Lecklider
#

[INCLUDES]

# Read common prefixes. If any customizations available -- read them from

dvas0004

echo "Updating SearchSploit... (Kali Linux)"
# move into the exploit db directory within Kali
cd /usr/share/exploitdb

echo "Downloading latest archive..."
wget http://www.exploit-db.com/archive.tar.bz2

echo "Downloaded archive, proceeding to extract..."
tar -xjvf archive.tar.bz2