[Emerging-Sigs] Making RBN alerting more meaningful when defending NAT'd client space

Joaquin Moreno Garijo gottholle at googlemail.com
Wed Oct 19 07:52:13 EDT 2011


Hi CL,

You need that:

# ./rbnupdate.py IP_PROXY PORT_PROXY PROTOCOL_PROXY

Example:

ids-dmz # ./rbnupdate.py 10.10.10.11 8080 http

	Fichero RBN "rbn.conf" creado correctamente
	El numero de ips y redes es: 9232
	Numero de bloques: 289

ids-dmz #


See you ;D


On 10/06/2011 06:16 PM, José Miguel wrote:
>* Script that implement the idea of Eoin Miller (rbnupdate.py):*>**>* http://www.securityartwork.es/wp-content/uploads/2011/10/rbnupdate.py*>**>* Sorry, blog is in spanish.*>**>* Greets.*>**
Many thanks Jose Miguel for this contribution. One question: can I
configure a proxy to download the archive from emergingthreats?? Maybe
inside this function:

67 def getSource(ipproxy, protocolo):
68         # Descargamos el fichero de direcciones IP de Emerging
Threats correspondientes a la RBN
69         try:
70                 #Si pasamos a traves de un proxy
71                 if ipproxy != "":
72                         if (protocolo == "http" or protocolo == "https"):
73                                 proxy_h =
urllib2.ProxyHandler({protocolo : ipproxy})
74                                 opener = urllib2.build_opener(proxy_h)
75                                 urllib2.install_opener(opener)
76                                 return urllib2.urlopen(ENLACE) ?

  Using "if ipproxy != "http://proxy.domainname.com":" ??

Thanks.


TW @MoxilO
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20111019/6115ea1e/attachment.html


More information about the Emerging-sigs mailing list