From f577691ff164e19584b9da732bb6d738ded673c6 Mon Sep 17 00:00:00 2001
From: Jordan
Date: Mon, 4 Mar 2024 12:18:46 -0700
Subject: block-scanners.py
---
block-scanners.py | 145 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 145 insertions(+)
create mode 100755 block-scanners.py
diff --git a/block-scanners.py b/block-scanners.py
new file mode 100755
index 0000000..30d4586
--- /dev/null
+++ b/block-scanners.py
@@ -0,0 +1,145 @@
+#!/usr/bin/env python3
+import subprocess
+
+def block_ip(ip, is_ipv6=False):
+ if is_ipv6:
+ subprocess.run(['ip6tables', '-A', 'INPUT', '-s', ip, '-j', 'DROP'])
+ subprocess.run(['ip6tables', '-A', 'FORWARD', '-s', ip, '-j', 'DROP'])
+ else:
+ subprocess.run(['iptables', '-A', 'INPUT', '-s', ip, '-j', 'DROP'])
+ subprocess.run(['iptables', '-A', 'FORWARD', '-s', ip, '-j', 'DROP'])
+
+def block_subnet(subnet, is_ipv6=False):
+ if is_ipv6:
+ subprocess.run(['ip6tables', '-A', 'INPUT', '-s', subnet, '-j', 'DROP'])
+ subprocess.run(['ip6tables', '-A', 'FORWARD', '-s', subnet, '-j', 'DROP'])
+ else:
+ subprocess.run(['iptables', '-A', 'INPUT', '-s', subnet, '-j', 'DROP'])
+ subprocess.run(['iptables', '-A', 'FORWARD', '-s', subnet, '-j', 'DROP'])
+
+def save_rules(is_ipv6=False):
+ if is_ipv6:
+ subprocess.run(['ip6tables-save'], stdout=open('/etc/iptables/rules.v6', 'w'))
+ else:
+ subprocess.run(['iptables-save'], stdout=open('/etc/iptables/rules.v4', 'w'))
+
+def main():
+ ips = [
+ # Shodan
+ '64.227.90.185',
+ '66.240.192.138',
+ '66.240.205.34',
+ '66.240.219.146',
+ '66.240.219.173',
+ '66.240.236.119',
+ '71.6.135.131',
+ '71.6.146.130',
+ '71.6.146.185',
+ '71.6.147.198',
+ '71.6.147.254',
+ '71.6.158.166',
+ '71.6.165.200',
+ '71.6.167.142',
+ '71.6.199.23',
+ '80.82.77.139',
+ '80.82.77.33',
+ '85.25.103.50',
+ '85.25.43.94',
+ '89.248.167.131',
+ '89.248.172.16',
+ '93.120.27.62',
+ '93.174.95.106',
+ '94.102.49.190',
+ '94.102.49.193',
+ '104.18.12.238',
+ '104.18.13.238',
+ '137.184.13.100',
+ '137.184.180.190',
+ '137.184.9.17',
+ '137.184.94.133',
+ '143.198.50.234',
+ '165.227.55.4',
+ '185.142.236.34',
+ '185.142.236.35',
+ '185.142.236.36',
+ '185.142.236.40',
+ '185.142.236.43',
+ '185.142.239.16',
+ '185.165.190.17',
+ '185.165.190.34',
+ '188.138.9.50',
+ '195.144.21.56',
+ '198.20.69.74',
+ '198.20.69.98',
+ '198.20.70.114',
+ '198.20.99.130',
+ '209.126.110.38',
+ '216.117.2.180'
+ ]
+
+ subnets = [
+ # Censys
+ '74.120.14.0/24',
+ '162.142.125.0/24',
+ '167.94.138.0/24',
+ '167.94.145.0/24',
+ '167.94.146.0/24',
+ '167.248.133.0/24',
+ '199.45.154.0/24',
+ '199.45.155.0/24',
+ '192.35.168.0/23',
+
+ # Shodan
+ '198.20.69.96/29',
+ '198.20.70.112/29',
+ '198.20.87.96/29',
+ '198.20.99.128/29',
+
+ # ShadowServer
+ '64.62.202.96/27',
+ '66.220.23.112/29',
+ '74.82.47.0/26',
+ '184.105.139.64/26',
+ '184.105.143.128/26',
+ '184.105.247.192/26',
+ '216.218.206.64/26',
+ '141.212.0.0/16',
+
+ # PAN Expanse
+ '144.86.173.0/24'
+ ]
+
+ ipv6_ips = [
+ # Shodan
+ '2606:4700::6812:cee',
+ '2606:4700::6812:dee',
+ '2604:a880:800:10::99:7001',
+ '2606:4700::6812:cee',
+ '2606:4700::6812:dee',
+ '2604:a880:4:1d0::50d:8000',
+ '2604:a880:4:1d0::725:0'
+ ]
+
+ ipv6_subnets = [
+ # Censys
+ '2602:80d:1000:b0cc:e::/80',
+ '2620:96:e000:b0cc:e::/80'
+ ]
+
+ for ip in ips:
+ block_ip(ip)
+
+ for subnet in subnets:
+ block_subnet(subnet)
+
+ for ipv6_ip in ipv6_ips:
+ block_ip(ipv6_ip, is_ipv6=True)
+
+ for ipv6_subnet in ipv6_subnets:
+ block_subnet(ipv6_subnet, is_ipv6=True)
+
+ save_rules()
+ save_rules(is_ipv6=True)
+
+if __name__ == "__main__":
+ main()
--
cgit v1.2.3-54-g00ecf
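Review bot: Every `subprocess.run` call in `block_ip`, `block_subnet` and `save_rules` ignores the exit status, so a failed rule insertion (not running as root, missing `ip6tables`, a malformed address) goes unnoticed and the script still persists the ruleset as if the block list were in place. `-A` also appends unconditionally, so each re-run stacks duplicate DROP rules, and a rule appended after an existing ACCEPT for the same traffic never matches; a `-C` check before `-A` keeps the run idempotent. `save_rules` truncates `/etc/iptables/rules.v4` and `rules.v6` through `open(..., 'w')` before the save tool has run and never closes the handle, so a failure leaves an empty persistent ruleset; capture the output first and write it only on success. Separately, `'2606:4700::6812:cee'` and `'2606:4700::6812:dee'` appear twice in `ipv6_ips`, and they, like `104.18.12.238`/`104.18.13.238`, look like CDN front-end addresses rather than scanner sources, which is worth confirming before dropping them.

```python
def _drop_source(binary, chain, source):
    rule = [chain, '-s', source, '-j', 'DROP']
    # -C exits non-zero when the rule is absent, so re-runs do not stack duplicates
    present = subprocess.run([binary, '-C', *rule],
                             stderr=subprocess.DEVNULL).returncode == 0
    if not present:
        subprocess.run([binary, '-A', *rule], check=True)

def block_ip(ip, is_ipv6=False):
    binary = 'ip6tables' if is_ipv6 else 'iptables'
    for chain in ('INPUT', 'FORWARD'):
        _drop_source(binary, chain, ip)

# … unchanged in shape: block_subnet can delegate to the same helper …

def save_rules(is_ipv6=False):
    if is_ipv6:
        tool, path = 'ip6tables-save', '/etc/iptables/rules.v6'
    else:
        tool, path = 'iptables-save', '/etc/iptables/rules.v4'
    # Dump first; the rules file is only opened once the dump succeeded
    dump = subprocess.run([tool], check=True, capture_output=True, text=True).stdout
    with open(path, 'w') as fh:
        fh.write(dump)

# … unchanged: main and the address lists …
```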