Securing Linux Servers with the scam / spam / Crime blacklist of Infiltrated.net

On the Internet there are lots of bad guys: scammers, hackers, Viagra stalls, script kiddies, etc.

Infiltrated.net maintains a fairly comprehensive list that have become conspicuously server http://www.infiltrated.net/blacklisted .

If you have access to its servers, or even his home network from these IP's in derogation of, one has already locked a lot of Russian proxies, spammers and other scum.

The following script will automatically draws the current list and transmits the host in the firewall.

Started with a cronjob on a regular basis, it provides a modicum of safety for their own services.

 # / Usr / bin / php
 <?
 # First, existing (personal) firewall rules running
 exec ("/ root / scripts / meine_standard_firewall_rules");

 # Blacklist suck
 exec ("wget-O / tmp / infiltrated_blacklist http://www.infiltrated.net/blacklisted");

 $ List = file ("/ tmp / infiltrated_blacklist");

 $ I = 1;

 # A bit auseinanderschnibbeln and down in Iptables
 foreach ($ list as $ line)
 {
 $ Line = trim ($ line);
 $ Line = str_replace ("\ t", "", $ line);

 $ Line = explode ("", $ line);
 $ Line = $ line [0];

 $ Firstchar = substr ($ line, 0,1);
 continue if (is_numeric ($ firstchar));

 exec ("iptables-I INPUT-s $ line-j DROP");
 $ I + +;
 }

 echo ". done $ i set rules.";
 ?>