blocklist-ipsets
ipsum
Our great sponsors
blocklist-ipsets | ipsum | |
---|---|---|
39 | 10 | |
2,910 | 1,273 | |
3.0% | - | |
2.8 | 2.8 | |
about 13 hours ago | about 22 hours ago | |
Shell | ||
- | The Unlicense |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
blocklist-ipsets
- IPlist of bots/malicious actors
-
A good malware/threat filtering choice on OPNSense
Yes, unfortunately i think this also happened other times with Firehol L3 (you can see https://github.com/firehol/blocklist-ipsets/issues/188) but thanks for the lists advice.
-
Creating a cyber threat intelligence tool
It sounds like you want to jump into game development before learning how to write "Hello, world!". Try using any of the open source tools that already do this and sign up for some "free" threat intel tools and learn the lay of the land. https://www.misp-project.org/ https://github.com/OpenCTI-Platform/opencti https://iplists.firehol.org/ https://www.greynoise.io/
-
Did anyone notice an abnormal increase in banned clients? These are my daily fail2ban ban count
I believe you are running SSH over default port 22 - feel free to change that. You can also use iplists from FireHOL to block any connection from blacklisted (on way or another) IPs - https://iplists.firehol.org/
-
blocklist-ipsets VS Lists - a user suggested alternative
2 projects | 19 Jan 2023
-
Show HN: A Golang package and tool to detect Tor exit IP addresses
Tor exits are tracked here [1] and in a few other block-list repos. The data is built from Tor's exit node list [2]
-
Ask HN: Someone is proxy-mirroring my website, can I do anything?
http://iplists.firehol.org/ looks free and very comprehensive. It has whole bunch of sub-lists of IPs that are likely to be sources of abuse, including datacenters and VPNs, and it gets updated frequently. Github: https://github.com/firehol/firehol
-
UFW setup for decent security
Sure, few links for when you dig in: http://iplists.firehol.org/, https://crowdsec.net/, https://www.zeroflux.org/projects/knock/, https://www.cipherdyne.org/fwknop/
-
Anyone have to block Russia on their firewall today?
Geoblocking is ancient and ineffective. Firehol keeps updated lists of bad ips https://iplists.firehol.org/
-
A distributed peer to peer list of bad actor IP addresses and phone numbers
Off-Topic question: Is there an existing static file that contains all the attacking IP's from a 3 or 6 month period that spawned the creation of this system? I would like to compare it to what is in firehol's repo. [1] Not trying to downplay anything, just looking to see the delta of the outliers.
ipsum
- Do you use blacklists / IP threat intelligence and are they helpful?
-
So I opened up one port on my network for an SFTP server, and in just the last 7 days there have been 611 attempts to log into it... It's always interesting to see the usernames that try to log in, so I pulled them and sorted them all out.
Do yourself a favor and load up your iptables with the ipsum blacklist.
- Shodan Lifetime $4 USD
What are some alternatives?
nginx-ultimate-bad-bot-blocker - Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail for Repeat Offenders
firehol - A firewall for humans...
crowdsec - CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
my-pihole-blocklists - Create custom pi-hole blocklists
block - Let's make an annoyance free, better open internet, altogether!
geoip-blocking-w-firewalld - Block unwanted countries IPv4 & IPv6 ranges with firewalld using ipdeny.com
opencti - Open Cyber Threat Intelligence Platform
StrictBlockPAllebone - Manually curated IP Blocklist. Recommended only to update your firewalls weekly with this list. Please read how to use before implementing.
MISP - MISP (core software) - Open Source Threat Intelligence and Sharing Platform
minerstat-os - msOS - Open Source Mining OS. Repository moved, no longer using github
sshesame - An easy to set up and use SSH honeypot, a fake SSH server that lets anyone in and logs their activity