I installed alien vault’s OSSIM (the community\/free one) and added my subnets for scans. Unfortunately my APC PDUs and batteries really dislike having connection attempts every 2 hours.<\/p>\n
Options would include deleting the range and adding smaller ranges, blocking via a firewall, or disabling alerts on the APCs for connection attempts.<\/p>\n
So I opted for the easiest of blocking via the firewall:<\/p>\n
SSH to my OSSIM box and “jailbreak” to get to a shell<\/strong><\/p>\n Create a Shell script<\/strong> iptables -A OUTPUT -d 10.4.0.241 -j DROP Make the Shell script Executable<\/strong> Run the Shell script<\/strong> I installed alien vault’s OSSIM (the community\/free one) and added my subnets for scans. Unfortunately my APC PDUs and batteries really dislike having connection attempts every 2 hours. Options would include deleting the range and adding smaller ranges, blocking via a firewall, or disabling alerts on the APCs for connection attempts. So I opted for … Continue reading OSSIM Block Connection Attempts<\/span>
\nnano block_apc.sh<\/code><\/p>\n
\niptables -A OUTPUT -d 10.4.0.242 -j DROP
\niptables -A OUTPUT -d 10.4.0.243 -j DROP
\niptables -A OUTPUT -d 10.4.0.244 -j DROP
\niptables-save<\/p><\/blockquote>\nCtrl X<\/code>
\nY<\/code><\/p>\n
\nchmod +x block_apc.sh<\/code><\/p>\n
\n.\/block_apc.sh<\/code><\/p>\n","protected":false},"excerpt":{"rendered":"