Mochabomb

Web Design and Technical notes

Mochabomb header image 2
Cron errors - cron’s not running etc.. (CentOS 5.2) suPHP - fixing busted parts of the site + vtiger forms

Drop Bogon IP’s quickly and easily

October 15th, 2008 6:05 pm · No Comments

Blocking bogon’s is good for you and your servers health - only because they are generally un-assigned by IANA or the RIR. These bogus IP blocks are perfect for spamming and criminal activity. Read more about them here.

To block these, I wrote this a while back and while hits may be low, in case they ever get routed or make it to my box. I do need to expand to allow updates if a block is now assigned.

#!/bin/sh
#
# Drop all these bad IP's
#
TMPFILE=/tmp/`apg -a 1 -M nc -n 1 -m 26`

touch $TMPFILE

curl -s http://www.spamhaus.org/drop/drop.lasso |grep ^[1-9]|cut -f 1 -d ' ' > $TMPFILE  

for IP in `cat $TMPFILE`; do
    /sbin/shorewall drop $IP
    sleep 5
done

Run this as a cron or in sync with reloading IP tables.

These icons link to social bookmarking sites where readers can share and discover new web pages.
  • del.icio.us
  • Digg
  • Slashdot
  • Technorati
  • MisterWong
  • Reddit

Tags: Linux · Security

0 responses so far ↓

  • There are no comments yet...Kick things off by filling out the form below.

Leave a Comment