IT Share NVP -ViettechgroupVN-Phuong Nguyen blog Viettechgroup.vn | Share make us stronger Knowledge is Sharing Viettechgroup- Sharing Make Us Stronger-Kiến thức CNTT là sự chia sẻ- NVP-Chia sẻ làm chúng ta mạnh hơn-Viettechgroup.vn Viettechgroup.com.vn| ITShareNVP Channel | Phương Nguyễn | Phuong Nguyen Blog| Lưu trữ kiến thức chia sẽ kinh nghiệm CNTT | Phương Nguyễn

Instructions for creating a Block IP CC list according to CV 1024 / ATTT-VNCERT on Cisco ASA firewall

Uncategorized
phuong.nguyen
0 582

According to the official letter No. 1024 / CATTT-VNCERT on scanning, handling and unloading malicious code of the targeted network attack campaign of more than 400,000 foreign ip to attack Vietnam. Today I will guide you to create a policy of locking the entire IP list on the firewall ASA 5525-x (okay, some other firewalls have different commands: fortigate, Sophos …).

I have made an excel table to make an IP list that needs to block as follows: download here

Method 1 Execute commands on consoles of CISCO ASA:

Create IP object

---------------------------------------------------------
 --CREATE BY IT SHARE NVP-Viettechgroup.vn
 --DATE: 2019-10-31
 --Hướng dẫn tạo danh sách Block IP CC theo CV 1024/ATTT-VNCERT
 --Catalogies: Lab Cisco ASA
 ---------------------------------------------------------
Lệnh tạo đối tượng IP:
Conf t
object network OBJ-CC-58.158.177.102
     host 58.158.177.102
     description OBJ-CC-58.158.177.102
 object network OBJ-CC-156.230.21.30
     host 156.230.21.30
     description OBJ-CC-156.230.21.30
 object network OBJ-CC-50.63.202.70
     host 50.63.202.70
     description OBJ-CC-50.63.202.70
 object network OBJ-CC-50.63.202.79
     host 50.63.202.79
     description OBJ-CC-50.63.202.79
 object network OBJ-CC-45.32.50.150
     host 45.32.50.150
     description OBJ-CC-45.32.50.150
 object network OBJ-CC-167.88.180.15
     host 167.88.180.15
     description OBJ-CC-167.88.180.15
 object network OBJ-CC-167.88.178.24
     host 167.88.178.24
     description OBJ-CC-167.88.178.24
 object network OBJ-CC-43.254.217.67
     host 43.254.217.67
     description OBJ-CC-43.254.217.67
 object network OBJ-CC-154.221.24.47
     host 154.221.24.47
     description OBJ-CC-154.221.24.47
 object network OBJ-CC-144.202.54.86
     host 144.202.54.86
     description OBJ-CC-144.202.54.86
 object network OBJ-CC-50.63.202.94
     host 50.63.202.94
     description OBJ-CC-50.63.202.94
 object network OBJ-CC-50.63.202.67
     host 50.63.202.67
     description OBJ-CC-50.63.202.67
 object network OBJ-CC-50.63.202.82
     host 50.63.202.82
     description OBJ-CC-50.63.202.82
 object network OBJ-CC-184.168.221.94
     host 184.168.221.94
     description OBJ-CC-184.168.221.94
 object network OBJ-CC-184.168.221.82
     host 184.168.221.82
     description OBJ-CC-184.168.221.82
 object network OBJ-CC-184.168.221.71
     host 184.168.221.71
     description OBJ-CC-184.168.221.71
 object network OBJ-CC-50.63.202.73
     host 50.63.202.73
     description OBJ-CC-50.63.202.73
 object network OBJ-CC-207.148.12.47
     host 207.148.12.47
     description OBJ-CC-207.148.12.47
 object network OBJ-CC-149.28.74.41
     host 149.28.74.41
     description OBJ-CC-149.28.74.41
 object network OBJ-CC-207.148.78.101
     host 207.148.78.101
     description OBJ-CC-207.148.78.101
 object network OBJ-CC-149.28.74.149
     host 149.28.74.149
     description OBJ-CC-149.28.74.149
 object network OBJ-CC-50.63.202.59
     host 50.63.202.59
     description OBJ-CC-50.63.202.59
 object network OBJ-CC-198.54.117.200
     host 198.54.117.200
     description OBJ-CC-198.54.117.200
 object network OBJ-CC-198.54.117.199
     host 198.54.117.199
     description OBJ-CC-198.54.117.199
 object network OBJ-CC-198.54.117.197
     host 198.54.117.197
     description OBJ-CC-198.54.117.197
 object network OBJ-CC-198.54.117.198
     host 198.54.117.198
     description OBJ-CC-198.54.117.198
 object network OBJ-CC-162.255.119.150
     host 162.255.119.150
     description OBJ-CC-162.255.119.150
 object network OBJ-CC-167.88.180.148
     host 167.88.180.148
     description OBJ-CC-167.88.180.148
 object network OBJ-CC-167.88.177.224
     host 167.88.177.224
     description OBJ-CC-167.88.177.224
 object network OBJ-CC-167.88.180.3
     host 167.88.180.3
     description OBJ-CC-167.88.180.3
 object network OBJ-CC-45.248.87.14
     host 45.248.87.14
     description OBJ-CC-45.248.87.14
 object network OBJ-CC-91.195.240.117
     host 91.195.240.117
     description OBJ-CC-91.195.240.117
 object network OBJ-CC-103.224.182.250
     host 103.224.182.250
     description OBJ-CC-103.224.182.250
 object network OBJ-CC-185.239.226.19
     host 185.239.226.19
     description OBJ-CC-185.239.226.19
 object network OBJ-CC-45.77.209.52
     host 45.77.209.52
     description OBJ-CC-45.77.209.52
 object network OBJ-CC-167.88.178.118
     host 167.88.178.118
     description OBJ-CC-167.88.178.118
 object network OBJ-CC-185.239.226.61
     host 185.239.226.61
     description OBJ-CC-185.239.226.61
 object network OBJ-CC-45.77.184.12
     host 45.77.184.12
     description OBJ-CC-45.77.184.12

Create an object-group network group named G_Deny

object-group network G_Deny
     network-object object OBJ-CC-58.158.177.102
     network-object object OBJ-CC-156.230.21.30
     network-object object OBJ-CC-50.63.202.70
     network-object object OBJ-CC-50.63.202.79
     network-object object OBJ-CC-45.32.50.150
     network-object object OBJ-CC-167.88.180.15
     network-object object OBJ-CC-167.88.178.24
     network-object object OBJ-CC-43.254.217.67
     network-object object OBJ-CC-154.221.24.47
     network-object object OBJ-CC-144.202.54.86
     network-object object OBJ-CC-50.63.202.94
     network-object object OBJ-CC-50.63.202.67
     network-object object OBJ-CC-50.63.202.82
     network-object object OBJ-CC-184.168.221.94
     network-object object OBJ-CC-184.168.221.82
     network-object object OBJ-CC-184.168.221.71
     network-object object OBJ-CC-50.63.202.73
     network-object object OBJ-CC-207.148.12.47
     network-object object OBJ-CC-149.28.74.41
     network-object object OBJ-CC-207.148.78.101
     network-object object OBJ-CC-149.28.74.149
     network-object object OBJ-CC-50.63.202.59
     network-object object OBJ-CC-198.54.117.200
     network-object object OBJ-CC-198.54.117.199
     network-object object OBJ-CC-198.54.117.197
     network-object object OBJ-CC-198.54.117.198
     network-object object OBJ-CC-162.255.119.150
     network-object object OBJ-CC-167.88.180.148
     network-object object OBJ-CC-167.88.177.224
     network-object object OBJ-CC-167.88.180.3
     network-object object OBJ-CC-45.248.87.14
     network-object object OBJ-CC-91.195.240.117
     network-object object OBJ-CC-103.224.182.250
     network-object object OBJ-CC-185.239.226.19
     network-object object OBJ-CC-45.77.209.52
     network-object object OBJ-CC-167.88.178.118
     network-object object OBJ-CC-185.239.226.61
     network-object object OBJ-CC-45.77.184.12

Create policy Access rules

access-list WAN1-ACCESS-IN extended deny ip object-group G_Deny any 
access-list WAN2-ACCESS-IN extended deny ip object-group G_Deny any 
access-group WAN1-ACCESS-IN in interface wan1
access-group WAN2-ACCESS-IN in interface wan2

Method 2 Create on ASA Cisco Interface ASDM

Create IP Object

ASDM->Configuration->Firewall->Objects->Networks Object/Group->Add

Related Posts

Exchange Server 2013 End of Support Coming Soon

Managing Exchange Mailbox Inbox Rules with Exchange…

Released: September 2021 Quarterly Exchange Updates

Image 1

Similarly create another turn for other IPs

Create Group object

Image 5

Create Access Rules

Good luck for you !!

phuong.nguyen599 posts 7 comments

Phuong Nguyen is the website owner viettechgroup.vn, phuongnguyenit.com. Phuong Nguyen is IT Pro, MCSA, MCSE, MCITP, CCNA, VCP, LPI, Cloud Services.. Senior management experts in large corporations and enterprises Bussiness.

Phuong Nguyen has more than 16 years of experience in the field of Small and Medium IT System Administration, Microsoft solutions, Cloud, Cisco Network Infrastructure Management (Router, Swicth, FIrewall ASA Cisco,..), Fortigate,.. VMware vSphere, vCenter virtualization administration,.. Major backup solutions: Veeam Backup, Veritas Backup, Net Backup,...

Related Thêm từ tác giả

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. AcceptRead More