View Single Post
Old 12-07-2017, 12:28 AM  
Barry-xlovecam
It's 42
 
Industry Role:
Join Date: Jun 2010
Location: Global
Posts: 18,083
as root

Code:
$ ./ufw_deny_all.sh
Code:
#!/bin/bash 
#-vx
file=server-ban-ufw-list.csv
for line in $(cat $file)  ; do

ufw deny from $line to any
sleep 1

done < ${file}
This script will stop after 30 entries sonetimes ^s ^q will restart it
you can try
Code:
$ ./ufw_deny_all.sh || true
that may help
bash error checking is
Code:
#!/bin/bash -vx
There a lot of setup tutorials on UFW

I added allow to ssh (22) only my static ips
I DID NOT allow ftp (I only use sftp and scp on 22)
I allow ftp when necessary I have a worpress on one server that needs it to update, After up dating I block ftp
You need to allow http and https

--------

Code:
barry@paragon-DS-7:~$ host 51.15.40.0
0.40.15.51.in-addr.arpa domain name pointer 0-40-15-51.rev.cloud.scaleway.com.
barry@paragon-DS-7:~$ host 37.9.114.0
Host 0.114.9.37.in-addr.arpa. not found: 3(NXDOMAIN)
barry@paragon-DS-7:~$ whois 37.9.114.0
Quote:

inetnum: 37.9.64.0 - 37.9.127.255
netname: RU-YANDEX-20111214

country: RU
org: ORG-YA1-RIPE
You want to block the *right* ips or CIDR /24 /20 etc.
I only block single IPs for abusive ISP users and not servers -- I will cut off whole datacenters on some servers -- without looking back. However I know i may lose some VPN users that are legit buyer (collateral damage).

On mail servers you need to only block some single IPs of spam servers (etc).

you need to allow the ports your mail server needs (<incoming)

Code:
#!/bin/bash 
#-vx
file=server-ban-ufw-list.csv
for line in $(cat $file)  ; do

echo host $line
sleep 1

done < ${file}
WHO THE IPs that resolve ARE!
https://pastebin.com/28QEjW6B

Ahrefs and Semrush are spybots -- SEO for simpletons.

What bots look like IRL


The ones that do not resolve are servers in datacenters probably with no hostname entry.
If you don't want to do business with them -- block them -- that is up to you. Most legit (not all) ISP users (people) IP's resolve to hostnames.

$resolveip [ip] [hostname]

$man resolveip
Barry-xlovecam is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote