Leveraging a block listing supplied by another person or transfer an alias listing from one PFSense gadget to a different
It is a continuation of posts on Community Safety
Timeout from my newest weblog sequence as I’ve a brand new Azure class developing so I could also be skipping round a bit, however I might be persevering with the CloudSecurity Automation Collection as time permits. Proper now I’m going to leap again over to my residence networking sequence for a second. I’ve some modifications I have to make.
I’ve written earlier than about the way you may wish to leverage aliases to dam IP ranges which are identified to host scanners and scammers:
Have you ever ever appeared on the site visitors hitting your community on two excessive ports? Extra on that and one community rule that may weed out quite a lot of dangerous site visitors right here. Sadly you possibly can’t do that in AWS Safety Teams or NACLs and different primary safety controls on in different cloud environments. It’s best to be capable of do it on an AWS Firewal however I haven’t tried it but.
I’ve been monitoring among the scanner site visitors and including it to aliases over time. Now I wish to switch that configuration to a different gadget. It’s a special gadget so I don’t wish to copy all of the configuration, however I do wnat my aliases so I can create the suitable guidelines to dam site visitors. Though I’ve quite a lot of IP ranges in my aliases my firewall appears to have the ability to deal with the load as a result of I instantly drop dangerous site visitors.
Backing up Aliases on PFSense
On this put up we wish to again up an our aliases on one PFSense gadget to switch to or share with one other gadget.
First head over to Diagnostics > Backup & Restore.
Select Aliases from the drop down listing subsequent to Backup space.
Click on obtain configuration as XML. Retailer it wherever is suitable in your native gadget.
Backup different system configuration information
Subsequent I can again up different elements of the system configuration I wish to copy to a brand new gadget.
I’m going to choose and select what I copy over. That appears a bit safer than making an attempt to use a whole configuration. My gadgets have a special variety of ports so issues aren’t going to precisely translate.
Now that I’ve backed up my recordsdata I can transfer them to a brand new gadget.
Including Aliases to a special gadget or restoring a backup
Now you possibly can log into the brand new gadget and reverse the method.
You’ll be able to repeat that course of with every other parts of a configuration you wish to backup and restore to a different gadget.
Subsequent I’m going to fireside up a brand new PFSense gadget.
Observe for updates.
Teri Radichel
When you preferred this story please clap and observe:
******************************************************************
Medium: Teri Radichel or Electronic mail Checklist: Teri Radichel
Twitter: @teriradichel or @2ndSightLab
Requests companies by way of LinkedIn: Teri Radichel or IANS Analysis
******************************************************************
© 2nd Sight Lab 2022
____________________________________________
Writer:
Cybersecurity for Executives within the Age of Cloud on Amazon
Want Cloud Safety Coaching? 2nd Sight Lab Cloud Safety Coaching
Is your cloud safe? Rent 2nd Sight Lab for a penetration take a look at or safety evaluation.
Have a Cybersecurity or Cloud Safety Query? Ask Teri Radichel by scheduling a name with IANS Analysis.
Cybersecurity & Cloud Safety Assets by Teri Radichel: Cybersecurity and Cloud safety lessons, articles, white papers, shows, and podcasts
