Backup and Restore PFSense Aliases
Leveraging a block list provided by someone else or move an alias list from one PFSense device to another
This is one of my posts on
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
⚙️ Check out my series on Automating Cybersecurity Metrics. The Code.
🔒 Related Stories: Network Security | PFSense | Netgate
💻 Free Content on Jobs in Cybersecurity | ✉️ Sign up for the Email List
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Timeout from my latest blog series as I have a new Azure class coming up so I may be skipping around a bit, but I will be continuing the CloudSecurity Automation Series as time allows. Right now I’m going to jump back over to my home networking series for a second. I have some changes I need to make.
I’ve written before about how you might want to leverage aliases to block IP ranges that are known to host scanners and scammers:
Scanners lead to scammers
Sources of unrequested network traffic from the past few months
medium.com
Have you ever looked at the traffic hitting your network on two high ports? More on that and one network rule that can weed out a lot of bad traffic here. Unfortunately you can’t do this in AWS Security Groups or NACLs and other basic security controls on in other cloud environments. You should be able to do it on an AWS Firewal but I haven’t tried it yet.
I’ve been tracking some of the scanner traffic and adding it to aliases over time. Now I want to transfer that configuration to another device. It’s a different device so I don’t want to copy all the configuration, but I do wnat my aliases so I can create the appropriate rules to block traffic. Although I have a lot of IP ranges in my aliases my firewall seems to be able to handle the load because I immediately drop bad traffic.
Backing up Aliases on PFSense
In this post we want to back up an our aliases on one PFSense device to transfer to or share with another device.
First head over to Diagnostics > Backup & Restore.
Choose Aliases from the drop down list next to Backup area.
Click download configuration as XML. Store it wherever is appropriate on your local device.
Backup other system configuration data
Next I can back up other parts of the system configuration I want to copy to a new device.
I’m going to pick and choose what I copy over. That seems a bit safer than trying to apply a complete configuration. My devices have a different number of ports so things aren’t going to exactly translate.
Now that I’ve backed up my files I can move them to a new device.
Adding Aliases to a different device or restoring a backup
Now you can log into the new device and reverse the process.
You can repeat that process with any other portions of a configuration you want to backup and restore to another device.
Next I’m going to fire up a new PFSense device.
Follow for updates.
Teri Radichel | © 2nd Sight Lab 2022
About Teri Radichel:
~~~~~~~~~~~~~~~~~~~~
⭐️ Author: Cybersecurity Books
⭐️ Presentations: Presentations by Teri Radichel
⭐️ Recognition: SANS Award, AWS Security Hero, IANS Faculty
⭐️ Certifications: SANS ~ GSE 240
⭐️ Education: BA Business, Master of Software Engineering, Master of Infosec
⭐️ Company: Penetration Tests, Assessments, Phone Consulting ~ 2nd Sight LabNeed Help With Cybersecurity, Cloud, or Application Security?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
🔒 Request a penetration test or security assessment
🔒 Schedule a consulting call
🔒 Cybersecurity Speaker for PresentationFollow for more stories like this:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
❤️ Sign Up my Medium Email List
❤️ Twitter: @teriradichel
❤️ LinkedIn: https://www.linkedin.com/in/teriradichel
❤️ Mastodon: @teriradichel@infosec.exchange
❤️ Facebook: 2nd Sight Lab
❤️ YouTube: @2ndsightlab