Cyber Defense Advisors

Backup and Restore PFSense Aliases

Leveraging a block list provided by someone else

This is a continuation of posts on Network Security

Timeout from my latest blog series as I have a new Azure class coming up so I may be skipping around a bit, but I will be continuing the CloudSecurity Automation Series as time allows. Right now I’m going to jump back over to my home networking series for a second. I have some changes I need to make.

I’ve written before about how you might want to leverage aliases to block IP ranges that are known to host scanners and scammers:

Scanners lead to scammers

Have you ever looked at the traffic hitting your network on two high ports? More on that and one network rule that can weed out a lot of bad traffic here. Unfortunately you can’t do this in AWS Security Groups or NACLs and other basic security controls on in other cloud environments. You should be able to do it on an AWS Firewal but I haven’t tried it yet.

One Rule To Identify Network Noise

I’ve been tracking some of the scanner traffic and adding it to aliases over time. Now I want to transfer that configuration to another device. It’s a different device so I don’t want to copy all the configuration, but I do wnat my aliases so I can create the appropriate rules to block traffic. Although I have a lot of IP ranges in my aliases my firewall seems to be able to handle the load because I immediately drop bad traffic.

Backing up Aliases on PFSense

In this post we want to back up an our aliases on one PFSense device to transfer to or share with another device.

First head over to Diagnostics > Backup & Restore.

Choose Aliases from the drop down list next to Backup area.

Click download configuration as XML. Store it wherever is appropriate on your local device.

Backup other system configuration data

Next I can back up other parts of the system configuration I want to copy to a new device.

I’m going to pick and choose what I copy over. That seems a bit safer than trying to apply a complete configuration. My devices have a different number of ports so things aren’t going to exactly translate.

Now that I’ve backed up my files I can move them to a new device.

Adding Aliases to a different device or restoring a backup

Now you can log into the new device and reverse the process.

You can repeat that process with any other portions of a configuration you want to backup and restore to another device.

Next I’m going to fire up a new PFSense device.

Follow for updates.

Teri Radichel

If you liked this story please clap and follow:

******************************************************************

Medium: Teri Radichel or Email List: Teri Radichel
Twitter: @teriradichel or @2ndSightLab
Requests services via LinkedIn: Teri Radichel or IANS Research

******************************************************************

© 2nd Sight Lab 2022

____________________________________________

Author:

Cybersecurity for Executives in the Age of Cloud on Amazon

Need Cloud Security Training? 2nd Sight Lab Cloud Security Training

Is your cloud secure? Hire 2nd Sight Lab for a penetration test or security assessment.

Have a Cybersecurity or Cloud Security Question? Ask Teri Radichel by scheduling a call with IANS Research.

Cybersecurity & Cloud Security Resources by Teri Radichel: Cybersecurity and Cloud security classes, articles, white papers, presentations, and podcasts

Backup and Restore PFSense Aliases was originally published in Cloud Security on Medium, where people are continuing the conversation by highlighting and responding to this story.