MalwareMustDie

Blocking China Network for SSH + etc Attack Protection

Oct 28th, 2014
1,680
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # MalwareMustDie friends, for manually blocking China and Hongkong IP, this is my list for hosts.allow (deny ruleset)
  2. # See our video disclosure here for the reason why: http://blog.malwaremustdie.org/2014/11/china-elf-botnet-malware-infection.html
  3. # Last update: Mon Jun 22 02:22:08 JST 2015 from @unixfreaxjp (twitter)
  4. # Shared under: WTFPL License: http://en.wikipedia.org/wiki/WTFPL
  5. # Bound to legal disclaimer: http://blog.malwaremustdie.org/p/the-rule-to-share-malicious-codes-we.html
  6. # Message: Please report for any changes/exclusion IP blocks & FP report to @malwaremustdie (twitter)
  7.  
  8. # hosts.allow and hosts.deny are used by TCP Wrappers, host-based access control, http://en.wikipedia.org/wiki/TCP_Wrapper
  9. # If you want to block access to a service (i.e. sshd), you need to find whether
  10. # that service has been compiled with TCP Wrappers.
  11. # in BSD:
  12. $ sudo ldd /usr/sbin/sshd| grep wrap
  13.         libwrap.so.6 => /usr/lib/libwrap.so.6 (0x800cfb000)
  14. #in Linux:
  15. $ sudo ldd /usr/sbin/sshd| grep wrap
  16.         libwrap.so.0 => /lib/i386-linux-gnu/libwrap.so.0 (0xb76df000)
  17.  
  18. # host deny rules (generic OS, Windows server users can use this too by changing "sshd:" into "ALL:"
RAW Paste Data