Backup and Restore PFSense Aliases
Leveraging a block list provided by someone else or move an alias list from one PFSense device to another
This is a continuation of posts on Network Security
Timeout from my latest blog series as I have a new Azure class coming up so I may be skipping around a bit, but I will be continuing the CloudSecurity Automation Series as time allows. Right now I’m going to jump back over to my home networking series for a second. I have some changes I need to make.
I’ve written before about how you might want to leverage aliases to block IP ranges that are known to host scanners and scammers:
Have you ever looked at the traffic hitting your network on two high ports? More on that and one network rule that can weed out a lot of bad traffic here. Unfortunately you can’t do this in AWS Security Groups or NACLs and other basic security controls on in other cloud environments. You should be able to do it on an AWS Firewal but I haven’t tried it yet.
One Rule To Identify Network Noise
One basic rule filters out a whole lot of noise on your network
I’ve been tracking some of the scanner traffic and adding it to aliases over time. Now I want to transfer that configuration to another device. It’s a different device so I don’t want to copy all the configuration, but I do wnat my aliases so I can create the appropriate rules to block traffic. Although I have a lot of IP ranges in my aliases my firewall seems to be able to handle the load because I immediately drop bad traffic.
Backing up Aliases on PFSense
In this post we want to back up an our aliases on one PFSense device to transfer to or share with another device.
First head over to Diagnostics > Backup & Restore.
Choose Aliases from the drop down list next to Backup area.
Click download configuration as XML. Store it wherever is appropriate on your local device.
Backup other system configuration data
Next I can back up other parts of the system configuration I want to copy to a new device.
I’m going to pick and choose what I copy over. That seems a bit safer than trying to apply a complete configuration. My devices have a different number of ports so things aren’t going to exactly translate.
Now that I’ve backed up my files I can move them to a new device.
Adding Aliases to a different device or restoring a backup
Now you can log into the new device and reverse the process.
You can repeat that process with any other portions of a configuration you want to backup and restore to another device.
Next I’m going to fire up a new PFSense device.
Follow for updates.
If you liked this story ~ clap, follow, tip, buy me a coffee, or hire me:
Medium: Teri Radichel
Email List: Teri Radichel
Twitter (company): @2ndSightLab
Facebook: 2nd Sight Lab
Slideshare: Presentations by Teri Radichel
Speakerdeck: Presentations by Teri Radichel
Books: Teri Radichel on Amazon
Recognition: SANS Difference Makers Award, AWS Hero, IANS Faculty
Education: BA Business, Master of Sofware Engineering, Master of Infosec
How I got into security: Woman in tech
Buy me a coffee: Teri Radichel
Company (Penetration Tests, Assessments, Training): 2nd Sight Lab
Request services via LinkedIn: Teri Radichel or IANS Research
© 2nd Sight Lab 2022
Cybersecurity for Executives in the Age of Cloud on Amazon
Need Cloud Security Training? 2nd Sight Lab Cloud Security Training
Is your cloud secure? Hire 2nd Sight Lab for a penetration test or security assessment.
Have a Cybersecurity or Cloud Security Question? Ask Teri Radichel by scheduling a call with IANS Research.
Cybersecurity & Cloud Security Resources by Teri Radichel: Cybersecurity and Cloud security classes, articles, white papers, presentations, and podcasts