supermanavc

Firewall Cyber Hats 1.1

Nov 9th, 2013
  1. #!/bin/sh
  2. #           Fatal Error & Cyber Hats
  3. #           By Sup3rm4n and B4ckd00r
  4. #
  5. #                 .88888888:.
  6. #                88888888.88888.
  7. #              .8888888888888888.
  8. #              888888888888888888
  9. #              88' _`88'_  `88888
  10. #              88 88 88 88  88888
  11. #              88_88_::_88_:88888
  12. #              88:::,::,:::::8888
  13. #              88`:::::::::'`8888
  14. #             .88  `::::'    8:88.
  15. #            8888            `8:888.
  16. #          .8888'             `888888.
  17. #         .8888:..  .::.  ...:'8888888:. <--- EI PINGUIN GATINHO, TO AFIM DE TE CONHEÇER MELHOR...                                                
  18. #        .8888.'     :'     `'::`88:88888  --- HAHA GATINHA SO LAMENTO,TU NAO VAI PASSAR DO MEU FIREWALL HEHE.  
  19. #       .8888        '         `.888:8888.
  20. #      888:8         .           888:88888
  21. #    .888:88        .:           888:88888:
  22. #    8888888.       ::           88:888888
  23. #    `.::.888.      ::          .88888888
  24. #   .::::::.888.    ::         :::`8888'.:.
  25. #  ::::::::::.888   '         .::::::::::::
  26. #  ::::::::::::.8    '      .:8::::::::::::.
  27. # .::::::::::::::.        .:888:::::::::::::
  28. # :::::::::::::::88:.__..:88888:::::::::::'
  29. #  `'.:::::::::::88888888888.88:::::::::'
  30. #       `':::_:' -- '' -'-' `':_::::'`
  31. #
  32. ###############################################################
  33. #
  34. #  -->  LOGS DISPONIVEIS EM: /var/log/firewall
  35. #    
  36. #  -->  COMANDOS PARA MONITORAR LOGS: tail -f /var/log/messages
  37. #
  38. # --> Salve em /etc/init.d/firewall
  39. #                              
  40. ###############################################################
  41.  
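  # Dispatcher for the firewall init script: "start" loads the IPv4 filter rules
  # and kernel network settings, "stop" opens the filter table again, "restart"
  # runs both in sequence.
  #
  # NOTE(review): only IPv4 is handled (iptables and /proc/sys/net/ipv4). No
  # ip6tables rule is loaded here, so IPv6 traffic is not filtered by this
  # script; confirm IPv6 is disabled or covered elsewhere.

  failed=0       # set to 1 as soon as any command of the run fails
  step_failed=0  # same, but reset after every progress line

  # Run iptables with the given arguments and record a failure instead of
  # silently continuing, so a broken rule is not reported as "[OK]".
  ipt() {
    if ! iptables "$@"; then
      printf 'firewall: falha em: iptables %s\n' "$*" >&2
      step_failed=1
      failed=1
    fi
  }

  # Write a value to a file below /proc/sys/net/ipv4.
  # Arguments: $1 - value, $2 - path relative to /proc/sys/net/ipv4
  set_proc() {
    if ! printf '%s\n' "$1" > "/proc/sys/net/ipv4/$2"; then
      printf 'firewall: falha ao gravar %s\n' "/proc/sys/net/ipv4/$2" >&2
      step_failed=1
      failed=1
    fi
  }

  # Print the progress line for the step that just ran.
  # Arguments: $1 - label including its separator, e.g. '- SSH :'
  # The label is quoted by the caller so "[OK]" is never expanded as a glob.
  report() {
    if [ "$step_failed" -eq 0 ]; then
      printf '%s [OK]\n' "$1"
    else
      printf '%s [FALHA]\n' "$1"
    fi
    step_failed=0
  }

  # Append a LOG rule followed by the matching DROP rule. LOG is
  # non-terminating and DROP is terminating, so the LOG rule has to come first
  # or it never sees a packet.
  # Arguments: $1 - chain, $2 - log prefix, remaining - match arguments
  # NOTE(review): these LOG rules carry no "-m limit"; a burst of matching
  # packets is logged packet by packet.
  log_then_drop() {
    ltd_chain=$1
    ltd_prefix=$2
    shift 2
    ipt -A "$ltd_chain" "$@" -j LOG --log-level info --log-prefix "$ltd_prefix"
    ipt -A "$ltd_chain" "$@" -j DROP
  }

  # Load the complete rule set.
  do_start() {
    failed=0
    step_failed=0

    # Start from an empty filter table: flush rules, then delete user chains.
    ipt -t filter -F
    ipt -t filter -X
    report '- Limpando regras :'

    # Ignore ICMP echo requests sent to broadcast or multicast addresses.
    set_proc 1 icmp_echo_ignore_broadcasts
    report '- Subindo proteção contra ICMP ECHO-REQUEST menssagens enviadas para BROADCAST ou MULTICAST :'

    # Do not accept ICMP redirects.
    set_proc 0 conf/all/accept_redirects
    report '- Subindo proteção contra redirecionamento de ICMP request :'

    # Do not send ICMP redirects.
    set_proc 0 conf/all/send_redirects
    report '- Subindo proteção contra envido de menssagens redirecionadas de ICMP :'

    # Log packets with impossible source addresses (martians).
    set_proc 1 conf/all/log_martians

    # Reverse-path filtering against spoofed source addresses. conf/default
    # only seeds interfaces created later; conf/all makes the setting apply to
    # the interfaces that already exist.
    set_proc 1 conf/all/rp_filter
    set_proc 1 conf/default/rp_filter
    report '- Subindo proteção contra ip spoofing :'

    # This host does not route: the FORWARD policy is DROP and no NAT rule is
    # loaded, so forwarding is switched off (and is no longer switched on
    # earlier in the run, which only to be undone here).
    set_proc 0 ip_forward
    report '- Desabilitando envio IPV4 :'

    # Loopback traffic is always allowed.
    ipt -t filter -A INPUT -i lo -j ACCEPT
    ipt -t filter -A OUTPUT -o lo -j ACCEPT
    report '- Loopback :'

    # --- Sanity drops -------------------------------------------------------
    # These come before every ACCEPT rule. When the SSH/ICMP accepts were
    # appended first, malformed packets to those services were accepted
    # before the drops below were ever consulted.

    # Drop sources present in the "scan" list. The LOG rule uses --rcheck so
    # the entry is refreshed once (by the DROP rule), not twice.
    # NOTE(review): nothing in this script adds addresses to the "scan" list
    # (there is no "--set" rule), so these two rules match nothing until one
    # is added.
    ipt -A INPUT -m recent --name scan --rcheck --seconds 600 --rttl --hitcount 3 -j LOG --log-level info --log-prefix "Scan recente"
    ipt -A INPUT -m recent --name scan --update --seconds 600 --rttl --hitcount 3 -j DROP
    report '- Proteção contra scans -'

    # Drop TCP packets with contradictory flag combinations, inbound and
    # outbound; the outbound LOG rules now sit in OUTPUT, not INPUT.
    for chain in INPUT OUTPUT; do
      log_then_drop "$chain" "Pacotes SYN Detectado" -p tcp --tcp-flags ALL ACK,RST,SYN,FIN
      log_then_drop "$chain" "Pacotes SYN Detectado" -p tcp --tcp-flags SYN,FIN SYN,FIN
      log_then_drop "$chain" "Pacotes SYN Detectado" -p tcp --tcp-flags SYN,RST SYN,RST
    done
    report '- Proteção contra pacotes de SYN invalidos :'

    # A new TCP connection has to begin with a SYN; drop anything else.
    ipt -A INPUT -p tcp ! --syn -m state --state NEW -j DROP

    # Drop inbound fragments.
    log_then_drop INPUT "Pct de Entrada Fragmentados" -f
    report '- Proteção contra pacotes de entrada que podem causar perca de dados :'

    # Drop XMAS packets (every TCP flag set).
    log_then_drop INPUT "Pacotes XMAS mal formados" -p tcp --tcp-flags ALL ALL
    report '- Proteção contra pacotes XMAS mal formados :'

    # --- Stateful baseline --------------------------------------------------
    # Keep established connections alive. This is in place before the default
    # policy flips to DROP so an existing admin session is not cut off.
    ipt -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
    ipt -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
    report '- Estabilizando conexões :'

    # Default-deny on all three chains.
    ipt -t filter -P INPUT DROP
    ipt -t filter -P FORWARD DROP
    ipt -t filter -P OUTPUT DROP
    report '- Bloqueio de toda conexões :'

    # SYN flood limiter. The chain is now referenced from INPUT; without the
    # jump it was created but never evaluated.
    # NOTE(review): the limit is global (10/s, burst 50 across all sources and
    # ports), so it also throttles legitimate new connections under load.
    ipt -N syn-flood
    ipt -A syn-flood -m limit --limit 10/second --limit-burst 50 -j RETURN
    ipt -A syn-flood -j LOG --log-prefix "SYN FLOOD: "
    ipt -A syn-flood -j DROP
    ipt -A INPUT -p tcp --syn -j syn-flood
    report '- Proteção contra SYN-Flood :'

    # --- Allowed services ---------------------------------------------------
    # NOTE(review): every inbound rule below accepts from any source address.
    # Add "-s" with the networks that actually need each service, and remove
    # the rules for services this host does not run.

    # ICMP (ping and every other ICMP type), in and out.
    ipt -t filter -A INPUT -p icmp -j ACCEPT
    ipt -t filter -A OUTPUT -p icmp -j ACCEPT
    report '- PING :'

    # SSH in.
    ipt -t filter -A INPUT -p tcp --dport 22 -j ACCEPT
    report '- SSH :'

    # DNS in and out.
    ipt -t filter -A OUTPUT -p tcp --dport 53 -j ACCEPT
    ipt -t filter -A OUTPUT -p udp --dport 53 -j ACCEPT
    ipt -t filter -A INPUT -p tcp --dport 53 -j ACCEPT
    ipt -t filter -A INPUT -p udp --dport 53 -j ACCEPT
    report '- DNS :'

    # NTP out.
    ipt -t filter -A OUTPUT -p udp --dport 123 -j ACCEPT
    report '- NTP :'

    # WHOIS out.
    ipt -t filter -A OUTPUT -p tcp --dport 43 -j ACCEPT
    report '- WHOIS :'

    # FTP out and in, including the 30000-50000 data range. The range opens
    # 20001 inbound TCP ports to any source. The extra ESTABLISHED,RELATED
    # accept that used to follow is covered by the stateful baseline above.
    ipt -t filter -A OUTPUT -p tcp --dport 20:21 -j ACCEPT
    ipt -t filter -A OUTPUT -p tcp --dport 30000:50000 -j ACCEPT
    ipt -t filter -A INPUT -p tcp --dport 20:21 -j ACCEPT
    ipt -t filter -A INPUT -p tcp --dport 30000:50000 -j ACCEPT
    report '- FTP :'

    # HTTP and HTTPS out and in.
    ipt -t filter -A OUTPUT -p tcp --dport 80 -j ACCEPT
    ipt -t filter -A OUTPUT -p tcp --dport 443 -j ACCEPT
    ipt -t filter -A INPUT -p tcp --dport 80 -j ACCEPT
    ipt -t filter -A INPUT -p tcp --dport 443 -j ACCEPT
    report '- HTTP/HTTPS :'

    # Mail: SMTP 25, POP3 110, IMAP 143 (all cleartext ports), in and out.
    ipt -t filter -A INPUT -p tcp --dport 25 -j ACCEPT
    ipt -t filter -A OUTPUT -p tcp --dport 25 -j ACCEPT
    report '- SMTP :'

    ipt -t filter -A INPUT -p tcp --dport 110 -j ACCEPT
    ipt -t filter -A OUTPUT -p tcp --dport 110 -j ACCEPT
    report '- POP :'

    ipt -t filter -A INPUT -p tcp --dport 143 -j ACCEPT
    ipt -t filter -A OUTPUT -p tcp --dport 143 -j ACCEPT
    report '- IMAP :'

    # TCP 77 ("Reverse") and TCP 7337 ("MSF"), in and out.
    # NOTE(review): both ports are reachable from any address whenever a
    # listener is bound to them. Nothing here shows what listens there; treat
    # them as tooling ports, limit them to known source hosts, and drop the
    # rules when the tooling is not in use.
    ipt -t filter -A INPUT -p tcp --dport 77 -j ACCEPT
    ipt -t filter -A OUTPUT -p tcp --dport 77 -j ACCEPT
    report '- Reverse :'

    ipt -t filter -A INPUT -p tcp --dport 7337 -j ACCEPT
    ipt -t filter -A OUTPUT -p tcp --dport 7337 -j ACCEPT
    report '- MSF :'

    # --- Logging of packets about to hit the DROP policy -------------------
    # These rules used to be invoked as "/var/log/firewall -A INPUT ...": the
    # log file was made executable and run as the command, so no LOG rule was
    # ever installed, and whatever that file contained would have been
    # executed with this script's privileges. They are plain iptables rules
    # now, and the execute bit is removed from the file.
    # The LOG target writes to the kernel log; whether the lines end up in
    # /var/log/firewall depends on syslog configuration that is not part of
    # this script.
    # ICMP is accepted above, so the "ICMP Dropped" rule only matters once
    # that accept is narrowed.
    touch /var/log/firewall || step_failed=1
    chmod a-x /var/log/firewall || step_failed=1
    ipt -A INPUT -p icmp -m limit --limit 1/s -j LOG --log-level info --log-prefix "ICMP Dropped "
    ipt -A INPUT -p tcp -m limit --limit 1/s -j LOG --log-level info --log-prefix "TCP Dropped "
    ipt -A INPUT -p udp -m limit --limit 1/s -j LOG --log-level info --log-prefix "UDP Dropped "
    ipt -A INPUT -f -m limit --limit 1/s -j LOG --log-level warning --log-prefix "FRAGMENT Dropped "
    # One catch-all rule; the second copy with an identical prefix only
    # duplicated entries.
    ipt -A INPUT -m limit --limit 3/minute --limit-burst 3 -j LOG --log-level debug --log-prefix "IPT INPUT packet died: "
    [ "$step_failed" -eq 0 ] || failed=1
    report '- Gerenciamento Do Firewall :'

    if [ "$failed" -eq 0 ]; then
      printf '%s\n' '- Firewall [OK]'
    else
      printf '%s\n' '- Firewall [FALHA]' >&2
    fi
  }

  # Open the filter table again: INPUT and OUTPUT accept everything and all
  # rules and user chains are removed. The FORWARD policy and the kernel
  # settings written by do_start are left as they are. After this the host is
  # unfiltered.
  do_stop() {
    echo "Desligando Firewall... "
    iptables -P INPUT ACCEPT
    iptables -P OUTPUT ACCEPT
    iptables -t filter -F
    # Also remove the syn-flood chain so the table is really empty.
    iptables -t filter -X
    echo "Firewall Desligado!"
    echo "Coded By Sup3rm4n and B4ckd00r"
  }

  case "${1-}" in
    start)
      do_start
      # Non-zero when any rule or kernel setting could not be applied.
      exit "$failed"
      ;;

    stop)
      do_stop
      exit 0
      ;;

    restart)
      # Call the functions directly instead of re-executing a fixed path, so
      # restart works wherever the script is installed.
      do_stop
      do_start
      exit "$failed"
      ;;

    *)
      echo "Uso: /etc/init.d/firewall {start|stop|restart}"
      exit 1
      ;;
  esac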