forked from crunchy-devops/jenkins-pic
-
Notifications
You must be signed in to change notification settings - Fork 0
/
evict_malware.sh
27 lines (27 loc) · 2.05 KB
/
evict_malware.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
#!/usr/bin/bash
sudo kill -9 `ps -aux | grep kinsing | grep 70 | awk '{ print $2 }'`
sudo kill -9 `ps -aux | grep kdevtmpfsi | grep 70 | awk '{ print $2 }'`
sudo find / -iname kdevtmpfsi* -exec rm -fv {} \;
sudo find / -iname kinsing* -exec rm -fv {} \;
sudo touch /tmp/kdevtmpfsi && sudo touch /var/tmp/kinsing
sudo echo "kdevtmpfsi is fine now" > /tmp/kdevtmpfsi
sudo echo "kinsing is fine now" > /tmp/kinsing
sudo chmod 0444 /tmp/kdevtmpfsi
sudo chmod 0444 /var/tmp/kinsing
sudo firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='104.248.3.165' reject"
sudo firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='139.99.50.255' reject"
sudo firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='185.61.7.8' reject"
sudo firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='188.120.254.224' reject"
sudo firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='193.33.87.220' reject"
sudo firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='195.123.220.193' reject"
sudo firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='45.10.88.102' reject"
sudo firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='46.229.215.164' reject"
sudo firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='46.243.253.167' reject"
sudo firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='47.65.90.240' reject"
sudo firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='62.113.112.127' reject"
sudo firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='67.205.161.58' reject"
sudo firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='91.215.169.111' reject"
sudo firewall-cmd --permanent --zone=public --add-port=22/tcp
sudo firewall-cmd --permanent --zone=public --add-port=80/tcp
sudo firewall-cmd --permanent --zone=public --add-port=5432/tcp
sudo firewall-cmd --permanent --zone=public --add-port=29000/tcp