blocklist-ipsets
zyre
Our great sponsors
blocklist-ipsets | zyre | |
---|---|---|
39 | 1 | |
2,910 | 854 | |
3.3% | 0.7% | |
2.8 | 4.5 | |
1 day ago | 19 days ago | |
Shell | C | |
- | Mozilla Public License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
blocklist-ipsets
- IPlist of bots/malicious actors
-
A good malware/threat filtering choice on OPNSense
Yes, unfortunately i think this also happened other times with Firehol L3 (you can see https://github.com/firehol/blocklist-ipsets/issues/188) but thanks for the lists advice.
-
Creating a cyber threat intelligence tool
It sounds like you want to jump into game development before learning how to write "Hello, world!". Try using any of the open source tools that already do this and sign up for some "free" threat intel tools and learn the lay of the land. https://www.misp-project.org/ https://github.com/OpenCTI-Platform/opencti https://iplists.firehol.org/ https://www.greynoise.io/
-
Did anyone notice an abnormal increase in banned clients? These are my daily fail2ban ban count
I believe you are running SSH over default port 22 - feel free to change that. You can also use iplists from FireHOL to block any connection from blacklisted (on way or another) IPs - https://iplists.firehol.org/
-
blocklist-ipsets VS Lists - a user suggested alternative
2 projects | 19 Jan 2023
-
Show HN: A Golang package and tool to detect Tor exit IP addresses
Tor exits are tracked here [1] and in a few other block-list repos. The data is built from Tor's exit node list [2]
-
Ask HN: Someone is proxy-mirroring my website, can I do anything?
http://iplists.firehol.org/ looks free and very comprehensive. It has whole bunch of sub-lists of IPs that are likely to be sources of abuse, including datacenters and VPNs, and it gets updated frequently. Github: https://github.com/firehol/firehol
-
UFW setup for decent security
Sure, few links for when you dig in: http://iplists.firehol.org/, https://crowdsec.net/, https://www.zeroflux.org/projects/knock/, https://www.cipherdyne.org/fwknop/
-
Anyone have to block Russia on their firewall today?
Geoblocking is ancient and ineffective. Firehol keeps updated lists of bad ips https://iplists.firehol.org/
-
A distributed peer to peer list of bad actor IP addresses and phone numbers
Off-Topic question: Is there an existing static file that contains all the attacking IP's from a 3 or 6 month period that spawned the creation of this system? I would like to compare it to what is in firehol's repo. [1] Not trying to downplay anything, just looking to see the delta of the outliers.
zyre
-
A distributed peer to peer list of bad actor IP addresses and phone numbers
I hope to expand the protocol list once I can figure out Network Discovery on the WAN - https://github.com/zeromq/zyre/issues/701
What are some alternatives?
nginx-ultimate-bad-bot-blocker - Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail for Repeat Offenders
firehol - A firewall for humans...
crowdsec - CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
my-pihole-blocklists - Create custom pi-hole blocklists
ipsum - Daily feed of bad IPs (with blacklist hit scores)
block - Let's make an annoyance free, better open internet, altogether!
geoip-blocking-w-firewalld - Block unwanted countries IPv4 & IPv6 ranges with firewalld using ipdeny.com
opencti - Open Cyber Threat Intelligence Platform
StrictBlockPAllebone - Manually curated IP Blocklist. Recommended only to update your firewalls weekly with this list. Please read how to use before implementing.
MISP - MISP (core software) - Open Source Threat Intelligence and Sharing Platform
freemail - A database of free and disposable email domains and a golang module for querying it.
fwknop - Single Packet Authorization > Port Knocking