D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] iptables and hackers

 

Heh - I recognise those URLs..... I had them too...
Yeah - just get an IP blocklist... This will echo any known dodgy or
spam IPs out - so do what you will.

#!/bin/bash
site=`echo http://www.cyber-ta.org/releases/malware-analysis/public/`
today=`perl -e 
'@T=localtime(time-86400);printf("%04d-%02d-%02d",$T[5]+1900,$T[4]+1,$T[3])'`
daily=`echo $site$today-public/Attacker_List.summary`

for i in `echo $daily`
do curl -s $i|awk -F ":" '{print $2}' #|sh
done

curl -s https://secure.dshield.org/sources.html|\
awk -F = '{print $3}'|grep ".\|-"|sed 's/">/ /g;s/\.0/\./g;s/^0//g'|\
awk '!/-/{print $1}'|grep "\."|sort -u|grep -v "\""|\
awk '{print $1}'

curl -s http://infiltrated.net/blacklisted | awk '{print $1}' | grep '^[0-9]'

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq