Introducing IPset-Assassin

Completed installation
completed installation

I recently wrote a nice little program to setup and maintain your firewall on Ubuntu GNU/Linux 14.04. This will install a cron job to run daily and pull lists from multiple sites to block malicious IP addresses. Adding around ~40,000 or more individual IP addresses as well as the top 20 malicious IP blocks per day, all voluntarily and freely contributed. All of the malicious individual addresses are managed with ipset, while the IP blocks are managed with IPTables. This leads to a very efficient way of managing the tables easily and automatically. This optionally allows you to enable or disable Tor Exit node connections. I have also created an optional weekly cron job that will block whatever countries you may wish. I hand typed all 233 countries codes into a dialog menu. I added a new iptables-persistent from another Github repository which also works with ipsets to keep it persistent upon reboot for both iptables.

Screenshot_2016-07-03_04-44-54
When installing it may get stuck here for a minute or two that’s fine. It’s setting a lot rules up

The lists that are regularly installed:

Project Honey Pot Directory of Dictionary Attacker IPs
TOR Exit Nodes this will block all access to Tor*
BruteForceBlocker
Spamhaus
C.I. Army
OpenBL.org
Autoshun
Blocklist.de
Malware Domain List
ZeusTracker
Malc0de IP blacklist
MaxMind GeoIP Anonymous Proxies
StopForumSpam
GreenSnow

 

*Tor exit node blocking is optional
*Tor exit node blocking is optional

It’s simple enough to install. Simply run the script as root and select if you want to block Tor exit nodes or if you want to block any countries. If there are any issues or suggestions please let me know on GitHub. I want to eventually make this also capable of running on CentOS for my PhonePBX.

https://github.com/ChiefGyk/ipset-assassin

Tested on Ubuntu 14.04 servers, and Xubuntu 14.04 running server applications. Test it on your own machine as well if you like

233 Countries to block if you choose to.
233 Countries to block if you choose to.

Author: Alon Ganon

I serve as a technology research associate for DTG3D. I am a technology specialist, very focused on understanding the details and applications of new technology trends. With a background in Windows, Mac OS X, GNU/Linux, and FreeBSD operating systems, I provide practical approaches to the integration of new technology into an IT and general business environment. I am currently is involved in the analysis of augmented and virtual reality systems. I also spend my free time advocating for freedom in software, and in all facets of our life. I have been working on computers since I was 4 years old under my father's company DTG3D. I built my first computer at 7 years old, and I am primarily self taught and self trained in regards to the majority of his IT skills due to decades of being surrounded by technology everyday. My philosophy is, "You are not dead, until you stop learning."

4 thoughts on “Introducing IPset-Assassin”

  1. Hі, i believe that i saw yyou νisited myy blog so i got here to return the choose?.I am attempting tto find thints
    to improve mʏ webb site!I guess itѕ good enough to usеe a few of
    your concepts!!

  2. I must say it was hard to find your site in google.
    You write great content but you should rank your page higher in search engines.

    If you don’t know how to do it search on youtube:
    how to rank a website Marcel’s way

Leave a Reply

Your email address will not be published. Required fields are marked *