Script to block all traffic from the Censys search engine IP scanning tool using UFW (Uncomplicated Firewall) on Linux systems.
- Linux system with UFW installed.
jq
installed for JSON parsing. If not installed, you can install it using your package manager (sudo apt-get install jq
on Ubuntu/Debian).
Ensure UFW is not enabled:
sudo ufw status verbose
If UFW is enabled, disable it:
sudo ufw disable
Clear existing rules:
sudo ufw reset
Set default rules:
sudo ufw default deny incoming
sudo ufw default allow outgoing
Add rules to prevent accidental lockout:
sudo ufw allow from 192.168.1.0/24
sudo ufw allow ssh
Enable UFW:
sudo ufw enable
Respond to the prompt with y
.
Clone this repository to your system:
git clone https://github.com/7zx/FuckCensys/
Navigate to the cloned repository:
cd FuckCensys
Make the script executable:
chmod +x fuck-censys.sh
Run the script with sudo privileges to block traffic from Censys IP's and subnets:
sudo ./fuck-censys.sh
The script will download the current scanning IP addresses and subnets used by Censys and incorporate them into UFW's configuration. After execution, confirm the successful addition of rules by running:
sudo ufw status verbose
To keep the firewall rules updated, consider scheduling the script to run periodically. You can use cron for this purpose:
Open the cron table for editing:
sudo crontab -e
Add the following line to run the script weekly:
0 0 * * 1 /path/to/FuckCensys/fuck-censys.sh > /dev/null 2>&1
This will execute the script every Monday at midnight. Then, delete the rule by its number:
sudo ufw delete <rule_number>