Home
ngadmini edited this page Aug 7, 2023
- We use passwordless SSH so that we don't have to type the password over and over again.
- We use the nano editor with the following profile in ~/.nanorc:
```
ngadimin@Q4OS:~/Documents/rpz_workdir$ less ~/.nanorc
set casesensitive
set tabsize 3
set titlecolor red,yellow
```
starting grab_http.sh v10.3 at Sun 2023-06-25 17:04:21 WIB
PREPARING TASKs: check availability configuration file isOK
PREPARING TASKs: check grab_http.sh is executed by non-root privileges isOK
PREPARING TASKs: check required debian-packages in local-host: 172.30.252.251 isOK
PREPARING TASKs: check script-pack's property in local-host: 172.30.252.251 isOK
PREPARING TASKs: check the actual longest of Top Level Domains isOK
PREPARING TASKs: check availability of sources-urls (as listed in grab_urls)
url_0: dsi.ut-capitole.fr/..?../adult.tar.gz isUP
url_1: dsi.ut-capitole.fr/..?../gambling.tar.gz isUP
url_2: dsi.ut-capitole.fr/..?../phishing.tar.gz isUP
url_3: dsi.ut-capitole.fr/..?../publicite.tar.gz isUP
url_4: dsi.ut-capitole.fr/..?../redirector.tar.gz isUP
url_5: dsi.ut-capitole.fr/..?../vpn.tar.gz isUP
url_6: blocklistproject.github.io/..?../porn-nl.txt isUP
url_7: trustpositif.kominfo.go.id/..?../domains_isp isUP
url_8: pgl.yoyo.org/..?../serverlist.php?hostformat=nohtml isUP
url_9: v.firebog.net/..?../Easylist.txt isUP
url_10: v.firebog.net/..?../AdguardDNS.txt isUP
url_11: s3.amazonaws.com/..?../simple_ad.txt isUP
url_12: raw.githubusercontent.com/..?../hostnames.txt isUP
url_13: urlhaus.abuse.ch/..?../rpz isUP
url_14: blocklistproject.github.io/..?../phishing-nl.txt isUP
url_15: blocklistproject.github.io/..?../malware-nl.txt isUP
url_16: blocklistproject.github.io/..?../ransomware-nl.txt isUP
url_17: raw.githubusercontent.com/..?../malware isUP
url_18: gist.githubusercontent.com/..?../raw isUP
------------------------------
All URLs of sources-url(s) isUP.
PERFORMING TASKs: initiating CATEGORY of domains
ADULT: dsi.ut-capitole.fr/..?../adult.tar.gz DONE
GAMBLING: dsi.ut-capitole.fr/..?../gambling.tar.gz DONE
PHISHING: dsi.ut-capitole.fr/..?../phishing.tar.gz DONE
PUBLICITE: dsi.ut-capitole.fr/..?../publicite.tar.gz DONE
REDIRECTOR: dsi.ut-capitole.fr/..?../redirector.tar.gz DONE
VPN: dsi.ut-capitole.fr/..?../vpn.tar.gz DONE
categorized: adult ipv4 malware publicite redirector trust+ (6 CATEGORIES)
processing TRUST+ CATEGORY with (2) additional sources-url(s)
grab_1: dsi.ut-capitole.fr/..?../gambling.tar.gz DONE
grab_7: trustpositif.kominfo.go.id/..?../domains_isp DONE
reducing: porn domains and move it's to ADULT CATEGORY DONE
fixing: bads, duplicates and false entries at TRUST+ DONE
moving: IP-address entries into IPV4 CATEGORY DONE
acquired: 953.600 entries.
processing ADULT CATEGORY with (2) additional sources-url(s)
grab_0: dsi.ut-capitole.fr/..?../adult.tar.gz DONE
grab_6: blocklistproject.github.io/..?../porn-nl.txt DONE
fixing: bads, duplicates and false entries at ADULT DONE
moving: IP-address entries into IPV4 CATEGORY DONE
acquired: 4.990.823 entries.
processing REDIRECTOR CATEGORY with (2) additional sources-url(s)
grab_4: dsi.ut-capitole.fr/..?../redirector.tar.gz DONE
grab_5: dsi.ut-capitole.fr/..?../vpn.tar.gz DONE
fixing: bads, duplicates and false entries at REDIRECTOR DONE
moving: IP-address entries into IPV4 CATEGORY DONE
acquired: 112.291 entries.
processing PUBLICITE CATEGORY with (5) additional sources-url(s)
grab_3: dsi.ut-capitole.fr/..?../publicite.tar.gz DONE
grab_8: pgl.yoyo.org/..?../serverlist.php?hostformat=nohtml DONE
grab_9: v.firebog.net/..?../Easylist.txt DONE
grab_10: v.firebog.net/..?../AdguardDNS.txt DONE
grab_11: s3.amazonaws.com/..?../simple_ad.txt DONE
fixing: bads, duplicates and false entries at PUBLICITE DONE
moving: IP-address entries into IPV4 CATEGORY DONE
acquired: 56.097 entries.
processing MALWARE CATEGORY with (7) additional sources-url(s)
grab_2: dsi.ut-capitole.fr/..?../phishing.tar.gz DONE
grab_12: raw.githubusercontent.com/..?../hostnames.txt DONE
grab_13: urlhaus.abuse.ch/..?../rpz DONE
grab_14: blocklistproject.github.io/..?../phishing-nl.txt DONE
grab_15: blocklistproject.github.io/..?../malware-nl.txt DONE
grab_16: blocklistproject.github.io/..?../ransomware-nl.txt DONE
grab_17: raw.githubusercontent.com/..?../malware DONE
fixing: bads, duplicates and false entries at MALWARE DONE
moving: IP-address entries into IPV4 CATEGORY DONE
acquired: 967.382 entries.
processing IPV4 CATEGORY with (0) additional sources-url(s)
fixing: bads, duplicates and false entries at IPV4 DONE
acquired: 27.964 entries.
processing sources-urls (6 CATEGORIES) in summary:
adult: 4.990.823 entries
ipv4: 27.964 entries
malware: 967.382 entries
publicite: 56.097 entries
redirector: 112.291 entries
trust+: 1.031.433 entries
TOTAL: 7.185.990 entries
disk-usage: 169,474 Megabytes
[DONE] completed IN 1m:30s:836ms
[WARN] there are still remaining :
- duplicate entries across CATEGORIES
- sub-domains and it's parent-domain across CATEGORIES
- ipv4 that can be reduced to a CIDR-block
[HINT] consider continue to next TASKs
you have 4 options to proceed to the next task:
1) pruning ipv4, duplicate & sub-domain entries across CATEGORIES
2) option [1] and rewriting ipv4 & domain entries to RPZ format-entry [db.* files]
3) option [2] and incrementing serial zones [rpz.* files]
4) option [3] and syncronizing latest [rpz.* and db.*] files to rpz.warnet-ersa.net
WARNING: remote-host rpz.warnet-ersa.net will REBOOT due to low memory
use 'shutdown -c' at remote-host: rpz.warnet-ersa.net to abort
^C) use (Ctrl+C) to quit
please hit: (1|2|3|4) to continue OR (Ctrl+C) to quit
4
[4'th] TASK options chosen
CONTINUED to :
1) pruning ipv4, duplicate & sub-domain entries across CATEGORIES
2) rewriting ipv4 & domain entries to RPZ format-entry [db.* files]
3) incrementing serial zone-files [rpz.*]
4) syncronizing latest [rpz.* and db.*] files to 'rpz.warnet-ersa.net'
WARNING: remote-host rpz.warnet-ersa.net will REBOOT due to low memory
use 'shutdown -c' at remote-host: rpz.warnet-ersa.net to abort
PERFORMING TASKs: based on 4'th options ...
[1'st] TASKs:
starting grab_duplic.sh v10.3 at Sun 2023-06-25 17:05:58 WIB
[INFO] FOUND 6 CATEGORIES: adult ipv4 malware publicite redirector trust+
[PRUNE] duplicate entries across CATEGORIES
pruning duplicate entries based on ADULT
STEP 0.1 = pruning duplicates ipv4 entries SKIP
STEP 0.2 = pruning duplicates malware entries DONE
STEP 0.3 = pruning duplicates publicite entries DONE
STEP 0.4 = pruning duplicates redirector entries DONE
STEP 0.5 = pruning duplicates trust+ entries DONE
pruning duplicate entries based on IPV4 do nothing
pruning duplicate entries based on MALWARE
STEP 2.3 = pruning duplicates publicite entries DONE
STEP 2.4 = pruning duplicates redirector entries DONE
STEP 2.5 = pruning duplicates trust+ entries DONE
pruning duplicate entries based on PUBLICITE
STEP 3.4 = pruning duplicates redirector entries DONE
STEP 3.5 = pruning duplicates trust+ entries DONE
pruning duplicate entries based on REDIRECTOR
STEP 4.5 = pruning duplicates trust+ entries DONE
pruning duplicate entries based on TRUST+ do nothing
[PRUNE] IPV4 and sub-domains if parent domain exist across CATEGORIES DONE
[PRUNE] domains whose TLD is invalid. FOUND: 280 invalid TLDs DONE
[PRUNE] turn-back pruned entries to proper CATEGORIES
turn-back pruned domains entry to ADULT category : 4.937.189 entries
turn-back pruned ipv4-addresses to IPV4 category : 16.872 entries
turn-back pruned domains entry to MALWARE category : 562.491 entries
turn-back pruned domains entry to PUBLICITE category : 44.916 entries
turn-back pruned domains entry to REDIRECTOR category : 110.577 entries
turn-back pruned domains entry to TRUST+ category : 933.168 entries
TOTAL : 6.605.213 entries
disk-usage : 155,182 Megabytes
[DONE] completed IN 1m:28s:776ms
[2'nd] TASKs:
starting grab_build.sh v10.3 at Sun 2023-06-25 17:07:26 WIB
PREPARING TASKs: check availability configuration file isOK
[INFO] splitting adult CATEGORY to 705.313 entries/sub-category:
txt.adultaa txt.adultab txt.adultac txt.adultad txt.adultae txt.adultaf txt.adultag
[INFO] splitting trust+ CATEGORY to 466.585 entries/sub-category:
txt.trust+aa txt.trust+ab
[INFO] rewriting all domains to RPZ format-entry
rewriting txt.adultaa to db.adultaa : 1.410.626 entries
rewriting txt.adultab to db.adultab : 1.410.626 entries
rewriting txt.adultac to db.adultac : 1.410.626 entries
rewriting txt.adultad to db.adultad : 1.410.626 entries
rewriting txt.adultae to db.adultae : 1.410.626 entries
rewriting txt.adultaf to db.adultaf : 1.410.626 entries
rewriting txt.adultag to db.adultag : 1.410.622 entries
rewriting txt.ipv4 to db.ipv4 : 16.872 entries
rewriting txt.malware to db.malware : 1.124.982 entries
rewriting txt.publicite to db.publicite : 89.832 entries
rewriting txt.redirector to db.redirector : 221.154 entries
rewriting txt.trust+aa to db.trust+aa : 933.170 entries
rewriting txt.trust+ab to db.trust+ab : 933.166 entries
TOTAL : 13.193.554 entries
disk-usage : 423,428 Megabytes
[DONE] completed IN 0m:8s:678ms
[3'th] TASKs:
starting grab_cereal.sh v10.3 at Sun 2023-06-25 17:07:35 WIB
[INFO] check availability configuration file isOK
[INFO] check availability zone-files: FOUND 13 zone-files isOK
[INFO] incrementing serial of zone-files:
rpz.adultaa rpz.adultab rpz.adultac rpz.adultad rpz.adultae rpz.adultaf rpz.adultag
rpz.ipv4 rpz.malware rpz.publicite rpz.redirector rpz.trust+aa rpz.trust+ab
[INFO] all serial of zone-files incremented to 2023062502
[DONE] completed IN 0m:0s:378ms
[4'th] TASKs:
starting grab_rsync.sh v10.3 at Sun 2023-06-25 17:07:35 WIB
[INFO] check availability configuration file isOK
[INFO] check availability: RPZ-dBase and zone-files in local-host: 172.30.252.251 isOK
[INFO] check availability remote-host: rpz.warnet-ersa.net isUP
[INFO] check passwordless ssh compatibility: rpz.warnet-ersa.net isOK
[INFO] check availability: /etc/bind/zones-rpz in rpz.warnet-ersa.net isOK
[INFO] check required debian-packages in rpz.warnet-ersa.net isOK
[INFO] archiving stale RPZ-dBase in rpz.warnet-ersa.net:/home/rpz-20230625-170736.tar.gz DONE
[INFO] syncronizing the latest RPZ-dBase to rpz.warnet-ersa.net:/etc/bind/zones-rpz DONE
[WARN] remote-host: rpz.warnet-ersa.net has scheduled to reboot at 05:12:51 PM WIB
[HINT] use 'shutdown -c' at host: rpz.warnet-ersa.net to abort
[DONE] completed IN 0m:16s:600ms
TASKs based on 4'th options: DONE
bye!
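
The pruning, rewriting and serial steps logged above, sketched as an added example (not code from the rpz scripts themselves). The `CNAME .` record form (the RPZ NXDOMAIN action), the YYYYMMDDNN serial convention, the function names and the sample domains are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not part of the rpz script-pack. All sample data is constructed.

# Constructed sample list: duplicates, mixed case, and sub-domains of a listed parent.
sample_domains() {
  cat <<'EOF'
ads.example.net
example.net
tracker.ads.example.net
cdn.example.org
CDN.example.org
example.com
EOF
}

# Drop duplicates and any domain whose parent domain is also listed:
# a wildcard record on the parent already covers every name below it.
prune_subdomains() {
  awk '
    { d = tolower($1); if (d != "") seen[d] = 1 }
    END {
      for (d in seen) {
        p = d; covered = 0
        # walk up the labels: a.b.example.com -> b.example.com -> example.com -> com
        while ((i = index(p, ".")) > 0) {
          p = substr(p, i + 1)
          if (p in seen) { covered = 1; break }
        }
        if (!covered) print d
      }
    }' | sort
}

# Two RPZ records per domain (the name itself and a wildcard below it),
# which is why the entry count doubles when txt.* becomes db.*.
# "CNAME ." is the RPZ policy action that answers NXDOMAIN (assumed here).
to_rpz() {
  awk '{ printf "%s CNAME .\n*.%s CNAME .\n", $1, $1 }'
}

# Next SOA serial, assuming YYYYMMDDNN: bump the counter if the zone was
# already updated today, otherwise start today at 01. Never goes backwards.
next_serial() {  # $1 = current serial, $2 = today as YYYYMMDD
  base="${2}01"
  if [ "$1" -ge "$base" ]; then echo $(( $1 + 1 )); else echo "$base"; fi
}

sample_domains | prune_subdomains | to_rpz
next_serial 2023062501 20230625
```

A bare TLD left in the input would mark every domain under it as covered, so invalid or overly broad entries have to be removed before the parent/sub-domain pass.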