One Hat Cyber Team
Your IP :
3.149.251.64
Server IP :
104.21.64.1
Server :
Linux agrigation-prod 5.15.0-67-generic #74-Ubuntu SMP Wed Feb 22 14:14:39 UTC 2023 x86_64
Server Software :
nginx/1.24.0
PHP Version :
7.4.33
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
etc
/
fail2ban
/
action.d
/
Edit File:
netscaler.conf
# Fail2ban Citrix Netscaler Action # by Juliano Jeziorny # juliano@jeziorny.eu # # The script will add offender IPs to a dataset on netscaler, the dataset can then be used to block the IPs at a cs/vserver or global level # This dataset is then used to block IPs using responder policies on the netscaler. # # The script assumes using HTTPS with unsecure certificate to access the netscaler, # if you have a valid certificate installed remove the -k from the curl lines, or if you want http change it accordingly (and remove the -k) # # This action depends on curl # # You need to populate the 3 options inside Init # # ns_host: IP or hostname of netslcaer appliance # ns_auth: username:password, suggest base64 encoded for a little added security (echo -n "username:password" | base64) # ns_dataset: Name of the netscaler dataset holding the IPs to be blocked. # # For further details on how to use it please check http://blog.ckzone.eu/2017/01/fail2ban-action-for-citrix-netscaler.html [Init] ns_host = ns_auth = ns_dataset = [Definition] actionstart = curl -kH 'Authorization: Basic <ns_auth>' https://<ns_host>/nitro/v1/config actioncheck = actionban = curl -k -H 'Authorization: Basic <ns_auth>' -X PUT -d '{"policydataset_value_binding":{"name":"<ns_dataset>","value":"<ip>"}}' https://<ns_host>/nitro/v1/config/ actionunban = curl -H 'Authorization: Basic <ns_auth>' -X DELETE -k "https://<ns_host>/nitro/v1/config/policydataset_value_binding/<ns_dataset>?args=value:<ip>"
Simpan