doctator/bin-there-done-that
doctator/bin-there-done-that
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: doctator:78d30cffc54e3226f5adb5e62e54f1d79fa89c70
Branches Tags
doctator:main
...
compare: doctator:9697fa13e712bdbceae04539885d783fba8e983c
Branches Tags
doctator:main

2 Commits
78d30cffc5 ... 9697fa13e7

Author SHA1 Message Date
DocTator
9697fa13e7 Auto commit from /home/doc/genesis-tools 2025-04-22 16:55:28 -04:00
DocTator
5d81552e09 Auto commit from /home/doc/genesis-tools 2025-04-22 16:50:42 -04:00
3 changed files with 51 additions and 4 deletions
Show Stats Expand all files Collapse all files

6
hostingtoot/.env
View File

@ -1,6 +1,6 @@
DB_USER=tootuser
DB_PASSWORD=thisisaserver2281
DB_NAME=toot2
DB_USER=hostingtootuser
DB_PASSWORD=rusty2281
DB_NAME=hostingtootdb
DB_HOST_PRIMARY=38.102.127.166
#DB_HOST_FAILOVER=db4.cluster.genesishostingtechnologies.com
MASTODON_ACCESS_TOKEN=ljnlPFL8SP_4DkX_SBuyMInvvmziEr28aRFgkRHyw80

2
miscellaneous/giteapush.sh
View File

@ -26,7 +26,7 @@ if ! git diff-index --quiet HEAD --; then
git commit -m "Auto commit from /home/doc/genesis-tools"
# Push changes to Gitea repository
git push origin master # Or 'main' if that's the branch name
git push origin main # Or 'main' if that's the branch name
else
echo "No changes to commit."
fi

47
miscellaneous/malips.sh Executable file
View File

@ -0,0 +1,47 @@
#!/bin/bash
# Path to Snort's alert log (snort.alert.fast)
SNORT_LOG="/var/log/snort/snort.alert.fast"
# Path to store blocked IPs (to avoid duplicates)
BLOCKED_IPS="/tmp/blocked_ips.txt"
# Function to block an IP using iptables
block_ip() {
local ip=$1
# Check if IP is already blocked
if ! grep -q "$ip" "$BLOCKED_IPS"; then
# Add IP to iptables block list
sudo iptables -I INPUT -s "$ip" -j DROP
# Log the blocked IP in the blocked_ips file
echo "$ip" >> "$BLOCKED_IPS"
echo "Blocked IP: $ip"
fi
}
# Ensure the blocked_ips.txt file exists and is writable
if [ ! -f "$BLOCKED_IPS" ]; then
sudo touch "$BLOCKED_IPS"
sudo chmod 666 "$BLOCKED_IPS"
fi
# Monitor the snort.alert.fast file for new malicious IPs
tail -F "$SNORT_LOG" | while read line; do
# Debug: Output the full line from Snort log
echo "Processing: $line"
# Extract source and destination IP addresses from Snort logs
if echo "$line" | grep -q "ICMP PING NMAP"; then
# Extract source IP (before "->")
ip=$(echo "$line" | awk -F' -> ' '{print $1}' | awk '{print $NF}')
echo "Found Source IP: $ip" # Debug: Show the IP being extracted
block_ip "$ip"
elif echo "$line" | grep -q "EXPLOIT"; then
# Extract source IP (before "->")
ip=$(echo "$line" | awk -F' -> ' '{print $1}' | awk '{print $NF}')
echo "Found Source IP: $ip" # Debug: Show the IP being extracted
block_ip "$ip"
fi
done