Download the relevant file and place it in an appropriate location:
wget https://fastnetmon.netio.com.tr/fastnetmon-netio -O /usr/bin/fastnetmon-netioGrant the file appropriate permissions:
chmod +x /usr/bin/fastnetmon-netio
echo "{}" | sudo tee /usr/bin/output.json > /dev/nullCreate a systemd unit file to run it as a service and paste the following content:
nano /etc/systemd/system/fastnetmon-netio.serviceContents of /etc/systemd/system/fastnetmon-netio.service:
# /etc/systemd/system/fastnetmon-netio.service
[Unit]
Description=FastNetMon - netIO
After=network.target
[Service]
ExecStart=/usr/bin/fastnetmon-netio
Restart=always
User=nobody
Group=nogroup
WorkingDirectory=/usr/bin/
[Install]
WantedBy=multi-user.targetEnable the service:
systemctl enable fastnetmon-netioStart the service:
systemctl start fastnetmon-netioCreate the notify_about_attack.sh file:
nano /usr/local/bin/notify_about_attack.shContents of /usr/local/bin/notify_about_attack.sh:
#!/usr/bin/env bash
if [ "$4" = "unban" ]; then
curl http://127.0.0.1:8179/remove/$1
exit 0
fi
if [ "$4" = "ban" ]; then
curl http://127.0.0.1:8179/add/$1
exit 0
fiGrant the file appropriate permissions:
chmod +x /usr/local/bin/notify_about_attack.shEdit the FastNetMon configuration file:
nano /etc/fastnetmon.confSet the notify_script_path parameter as follows:
notify_script_path = /usr/local/bin/notify_about_attack.shTo set up FastNetMon-netIO with your router for BGP, you will need the following information:
FastNetMon-netIO IP= Your server IP address
ASN= 65090
TCP Port= 179
Multihop= enableIncoming prefixes are tagged with a 666 community tag.
You can use IP Tables on your installation server. Keep TCP port 8179 closed to the outside.