1.6 KiB
Welcome to my portscan protector.
This software aims to allow you to easily secure your server from hackers.
Its super lightweight and has no third party dependencies.
All it does is open a few ports that you arent using (You have to define these ports yourself) and whenever someone connect to such a port, you can be certain that its someone trying to break into your system, as you as the owner of the system know that there is no legit service behind the port.
Requirements:
- A server that you want to protect
- Any somewhat modern nodejs version (preferrably go with the current LTS version)
Considering that the service utilises iptables to ban malicious ips, you need to run it with privileges, either sudo or running it directly through root.
Also make sure you have iptables installed, it should be installed by default, but just check with iptables --help
If you just want to run the program
go into the directory and type into the terminal
node main
If you want to run it as a service
Create a service file
nano /lib/systemd/system/portscan_protector.service
Enter the service instructions into the file
[Unit]
Description=Honeypot to protect against portscanners
After=network.target
[Service]
Type=simple
User=root
ExecStart=/usr/bin/node /root/portscan_protector/main.js
Restart=on-failure
[Install]
WantedBy=multi-user.target
Reload the service daemon
systemctl daemon-reload
Enable the service
systemctl enable portscan_protector
Start the service
systemctl start portscan_protector
Check if the service is running
systemctl status portscan_protector