http://www.hackingsec.in/2012/10/how-to-block-your-website-from-scanners.html#.UJ4ineRLPVo

Here is a simple Bash script to block the Information disclosing nmap scans. This script is based upon IPTables. so for using this you should have IP tables installed on your server.

Script :~#  http://pastebin.com/ihdTgyZ6 (scripnya dibawah)

How to use ? 

– Save it as blocknmap.sh

–  chmod +x blocknmap.sh
–  ./blocknmap.sh

  1. #!/bin/bash
  2. # To run this file, first give the permission +x and execute this program
  3. # –# chmod +x blocknmap.sh
  4. # –# ./blocknmap.sh
  5. echo “1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1”
  6. echo “3                                                                      3”
  7. echo “3     ________   .__          ________                                 3”
  8. echo “7     \______ \  |__|  ______/   __   \     ____    ____    _____      7”
  9. echo “1      |    |  \ |  | /  ___/\____    /   _/ ___\  /  _ \  /     \     1”
  10. echo “3      |        \|  | \___ \    /    /    \  \___ (  <_> )|  Y Y  \    3”
  11. echo “3     /_______  /|__|/____  >  /____/   /\ \___  > \____/ |__|_|  /    3”
  12. echo “7             \/          \/            \/     \/               \/     7”
  13. echo “1                                                                      1”
  14. echo “3              >> The Underground Exploitation Team                    3”
  15. echo “3                                                                      3”
  16. echo “7                                                                      7”
  17. echo “1          [+] Site   : http://www.Dis9.com                            1”
  18. echo “3                                                                      3”
  19. echo “3                                                                      3”
  20. echo “7            ###############################################           7”
  21. echo “1            I’m Liyan Oz Leader of Underground Exploitation           1”
  22. echo “3            ###############################################           3”
  23. echo “3                                                                      3”
  24. echo “7-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-7”
  25. echo “========================================================================”
  26. echo “=                  Block Nmap Scanning using iptables                  =”
  27. echo “=                         C0ded by Liyan Oz                            =”
  28. echo “=                      http://0nto.wordpress.com                       =”
  29. echo “========================================================================”
  30. echo “”
  31. echo “”
  32. #=====================
  33. # Enable IP Forward
  34. #———————
  35. echo 1 > /proc/sys/net/ipv4/ip_forward
  36. #=====================
  37. # Flush semua rules
  38. #———————
  39. /sbin/iptables -F
  40. /sbin/iptables -t nat -F
  41. #=====================
  42. # Block
  43. #———————
  44. /sbin/iptables -t filter -A INPUT -p TCP -m state –state RELATED,ESTABLISHED -j ACCEPT
  45. /sbin/iptables -t filter -A INPUT -p UDP -m state –state RELATED,ESTABLISHED -j ACCEPT
  46. /sbin/iptables -t filter -A INPUT -p ICMP -m state –state RELATED,ESTABLISHED -j ACCEPT
  47. /sbin/iptables -t filter -A INPUT -m state –state INVALID -j DROP
  48. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags ACK,FIN FIN -j LOG –log-prefix “FIN: ”
  49. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags ACK,FIN FIN -j DROP
  50. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags ACK,PSH PSH -j LOG –log-prefix “PSH: ”
  51. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags ACK,PSH PSH -j DROP
  52. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags ACK,URG URG -j LOG –log-prefix “URG: ”
  53. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags ACK,URG URG -j DROP
  54. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags ALL ALL -j LOG –log-prefix “XMAS scan: ”
  55. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags ALL ALL -j DROP
  56. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags ALL NONE -j LOG –log-prefix “NULL scan: ”
  57. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags ALL NONE -j DROP
  58. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags ALL SYN,RST,ACK,FIN,URG -j LOG –log-prefix “pscan: ”
  59. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP
  60. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags SYN,FIN SYN,FIN -j LOG –log-prefix “pscan 2: ”
  61. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags SYN,FIN SYN,FIN -j DROP
  62. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags FIN,RST FIN,RST -j LOG –log-prefix “pscan 2: ”
  63. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags FIN,RST FIN,RST -j DROP
  64. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags ALL SYN,FIN -j LOG –log-prefix “SYNFIN-SCAN: ”
  65. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags ALL SYN,FIN -j DROP
  66. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags ALL URG,PSH,FIN -j LOG –log-prefix “NMAP-XMAS-SCAN: ”
  67. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags ALL URG,PSH,FIN -j DROP
  68. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags ALL FIN -j LOG –log-prefix “FIN-SCAN: ”
  69. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags ALL FIN -j DROP
  70. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags ALL URG,PSH,SYN,FIN -j LOG –log-prefix “NMAP-ID: ”
  71. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags ALL URG,PSH,SYN,FIN -j DROP
  72. /sbin/iptables -t filter -A INPUT   -p tcp –tcp-flags SYN,RST SYN,RST -j LOG –log-prefix “SYN-RST: ”

    #!/bin/bash

    # To run this file, first give the permission +x and execute this program

    # –# chmod +x blocknmap.sh

    # –# ./blocknmap.sh

    echo “1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1”

    echo “3 3”

    echo “3 ________ .__ ________ 3”

    echo “7 \______ \ |__| ______/ __ \ ____ ____ _____ 7”

    echo “1 | | \ | | / ___/\____ / _/ ___\ / _ \ / \ 1”

    echo “3 | \| | \___ \ / / \ \___ ( <_> )| Y Y \ 3”

    echo “3 /_______ /|__|/____ > /____/ /\ \___ > \____/ |__|_| / 3”

    echo “7 \/ \/ \/ \/ \/ 7”

    echo “1 1”

    echo “3 >> The Underground Exploitation Team 3”

    echo “3 3”

    echo “7 7”

    echo “1 [+] Site : http://www.Dis9.com 1”

    echo “3 3”

    echo “3 3”

    echo “7 ############################################### 7”

    echo “1 I’m Liyan Oz Leader of Underground Exploitation 1”

    echo “3 ############################################### 3”

    echo “3 3”

    echo “7-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-7”

    echo “========================================================================”

    echo “= Block Nmap Scanning using iptables =”

    echo “= C0ded by Liyan Oz =”

    echo “= http://0nto.wordpress.com =”

    echo “========================================================================”

    echo “”

    echo “”

    #=====================

    # Enable IP Forward

    #———————

    echo 1 > /proc/sys/net/ipv4/ip_forward

    #=====================

    # Flush semua rules

    #———————

    /sbin/iptables -F

    /sbin/iptables -t nat -F

    #=====================

    # Block

    #———————

    /sbin/iptables -t filter -A INPUT -p TCP -m state –state RELATED,ESTABLISHED -j ACCEPT

    /sbin/iptables -t filter -A INPUT -p UDP -m state –state RELATED,ESTABLISHED -j ACCEPT

    /sbin/iptables -t filter -A INPUT -p ICMP -m state –state RELATED,ESTABLISHED -j ACCEPT

    /sbin/iptables -t filter -A INPUT -m state –state INVALID -j DROP

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags ACK,FIN FIN -j LOG –log-prefix “FIN: ”

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags ACK,FIN FIN -j DROP

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags ACK,PSH PSH -j LOG –log-prefix “PSH: ”

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags ACK,PSH PSH -j DROP

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags ACK,URG URG -j LOG –log-prefix “URG: ”

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags ACK,URG URG -j DROP

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags ALL ALL -j LOG –log-prefix “XMAS scan: ”

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags ALL ALL -j DROP

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags ALL NONE -j LOG –log-prefix “NULL scan: ”

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags ALL NONE -j DROP

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags ALL SYN,RST,ACK,FIN,URG -j LOG –log-prefix “pscan: ”

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags SYN,FIN SYN,FIN -j LOG –log-prefix “pscan 2: ”

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags SYN,FIN SYN,FIN -j DROP

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags FIN,RST FIN,RST -j LOG –log-prefix “pscan 2: ”

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags FIN,RST FIN,RST -j DROP

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags ALL SYN,FIN -j LOG –log-prefix “SYNFIN-SCAN: ”

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags ALL SYN,FIN -j DROP

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags ALL URG,PSH,FIN -j LOG –log-prefix “NMAP-XMAS-SCAN: ”

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags ALL URG,PSH,FIN -j DROP

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags ALL FIN -j LOG –log-prefix “FIN-SCAN: ”

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags ALL FIN -j DROP

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags ALL URG,PSH,SYN,FIN -j LOG –log-prefix “NMAP-ID: ”

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags ALL URG,PSH,SYN,FIN -j DROP

    /sbin/iptables -t filter -A INPUT -p tcp –tcp-flags SYN,RST SYN,RST -j LOG –log-prefix “SYN-RST: “