r6 - 09 Oct 2008 - 22:31:22 - JoshuaGimerYou are here: TWiki > 
Main Web > AllProjects > SnortConfSamples > EmergingFirewallRules
Main Web > AllProjects > SnortConfSamples > EmergingFirewallRulesUsing the Emerging Threats Firewall Rules
The firewall rulesets are versions of the IP Block lists in a format easily imported into IPF, IPTables, PF, and PIX firewalls. These rulesets are updated at least daily, we recommend updating your firewalls at the very least once a week, as these hosts may change often. The Spamhaus DROP list is less dynamic, however it does change so be sure to update regularly. As each update is made a revision number is incremented. That is available here: http://www.emergingthreats.net/fwrules/FWrev Ruleset sources include the DShield Top Attackers, the Spamhaus DROP list, the Shadowserver.org Active Command and Control Servers, and our RussianBusinessNetwork Known Networks. Rules available here: http://www.emergingthreats.net/fwrulesA script by Joshua Gimer to automatically update an IPTables firewall is available here: It should be easily adapted to service most any other firewall. Changes in Version 2.0
- Added Syslog support
- Added IP address verification
- Added individual IP address and CIDR range white-listing support
- emerging-iptables-update.pl.txt: Version 2.0 by Joshua Gimer
| I | Attachment | Action | Size | Date | Who | Comment |
|---|---|---|---|---|---|---|
 txt | emerging-iptables-update.pl.txt | manage | 4.5 K | 09 Oct 2008 - 22:18 | JoshuaGimer | Version 2.0 by Joshua Gimer |
Main Web
Create New Topic
Index
Search
Changes
Preferences- User Reference
- ATasteOfTWiki
- TextFormattingRules
- Signature Reference
- WebRss Feed
- EmergingFAQ
 |
|
Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding TWiki? Send feedback