Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.os.linux.security > #753 > unrolled thread
| Started by | Supratim Sanyal <supratim@riseupdeleteme.net> |
|---|---|
| First post | 2022-03-06 00:00 -0500 |
| Last post | 2022-06-08 00:07 -0400 |
| Articles | 6 — 4 participants |
Back to article view | Back to comp.os.linux.security
current public ip blocklists Supratim Sanyal <supratim@riseupdeleteme.net> - 2022-03-06 00:00 -0500
Re: current public ip blocklists Grant Taylor <gtaylor@tnetconsulting.net> - 2022-03-05 22:56 -0700
Re: current public ip blocklists Allodoxaphobia <trepidation@example.net> - 2022-05-24 13:32 +0000
Re: current public ip blocklists Supratim Sanyal <supratim@riseupdeleteme.net> - 2022-06-08 00:11 -0400
Re: current public ip blocklists rek2 hispagatos <rek2@hispagatos.org.invalid> - 2022-07-08 14:56 +0000
Re: current public ip blocklists Supratim Sanyal <supratim@riseupdeleteme.net> - 2022-06-08 00:07 -0400
| From | Supratim Sanyal <supratim@riseupdeleteme.net> |
|---|---|
| Date | 2022-03-06 00:00 -0500 |
| Subject | current public ip blocklists |
| Message-ID | <t01f6a$6k5$1@gioia.aioe.org> |
I am currently maintaining the following IP blocklists based on brute-force attacks. Maybe useful to folks usimg pfBlockerNG on pfSense, pihole, etc. http://sanyalnet-cloud-vps.freeddns.org/blocklist.txt http://sanyalnet-cloud-vps2.freeddns.org/blocklist.txt http://sanyalnet-cloud-vps3.freeddns.org/blocklist.txt http://sanyalnet-cloud-vps4.duckdns.org/blocklist.txt http://impvax.duckdns.org/blocklist.txt http://hecnet-us-east-gw.duckdns.org/blocklist.txt (the last two are currently the same server for now). thanks.
[toc] | [next] | [standalone]
| From | Grant Taylor <gtaylor@tnetconsulting.net> |
|---|---|
| Date | 2022-03-05 22:56 -0700 |
| Message-ID | <t01idh$epm$1@tncsrv09.home.tnetconsulting.net> |
| In reply to | #753 |
On 3/5/22 10:00 PM, Supratim Sanyal wrote: > I am currently maintaining the following IP blocklists I'm curious why you have multiple different lists. I would think that you would have the systems linked so that they can share IPs and block sources that have attacked other systems. -- Grant. . . . unix || die
[toc] | [prev] | [next] | [standalone]
| From | Allodoxaphobia <trepidation@example.net> |
|---|---|
| Date | 2022-05-24 13:32 +0000 |
| Message-ID | <slrnt8pni4.2tsc.trepidation@vps.jonz.net> |
| In reply to | #754 |
On Sat, 5 Mar 2022 22:56:22 -0700, Grant Taylor wrote:
> On 3/5/22 10:00 PM, Supratim Sanyal wrote:
>> I am currently maintaining the following IP blocklists
>
> I'm curious why you have multiple different lists.
>
> I would think that you would have the systems linked so that they can
> share IPs and block sources that have attacked other systems.
I was hoping to see some discuss here.
I currently get a list of Bad Actors from
https://github.com/stamparm/ipsum
to use as an addendum to the CIDRs I generate from my own pflog
for my VPS.
Jonesy
--
Marvin L Jones | Marvin | W3DHJ.net | linux
38.238N 104.547W | @ jonz.net | Jonesy | FreeBSD
* Killfiling google & XXXXbanter.com: jonz.net/ng.htm
[toc] | [prev] | [next] | [standalone]
| From | Supratim Sanyal <supratim@riseupdeleteme.net> |
|---|---|
| Date | 2022-06-08 00:11 -0400 |
| Message-ID | <t7p7ht$1mt3$1@gioia.aioe.org> |
| In reply to | #756 |
On 5/24/22 9:32 AM, Allodoxaphobia wrote: > I currently get a list of Bad Actors from > > https://github.com/stamparm/ipsum great lists; will use them. thanks.
[toc] | [prev] | [next] | [standalone]
| From | rek2 hispagatos <rek2@hispagatos.org.invalid> |
|---|---|
| Date | 2022-07-08 14:56 +0000 |
| Message-ID | <ta9gj6$o976$1@dont-email.me> |
| In reply to | #758 |
Interesting. On 2022-06-08, Supratim Sanyal <supratim@riseupdeleteme.net> wrote: > On 5/24/22 9:32 AM, Allodoxaphobia wrote: >> I currently get a list of Bad Actors from >> >> https://github.com/stamparm/ipsum > > great lists; will use them. thanks. -- gemini://hispagatos.org gemini://rek2.hispagatos.org https://hispagatos.org https://hispagatos.space/@rek2
[toc] | [prev] | [next] | [standalone]
| From | Supratim Sanyal <supratim@riseupdeleteme.net> |
|---|---|
| Date | 2022-06-08 00:07 -0400 |
| Message-ID | <t7p7a7$1j0h$1@gioia.aioe.org> |
| In reply to | #754 |
On 3/6/22 12:56 AM, Grant Taylor wrote: > On 3/5/22 10:00 PM, Supratim Sanyal wrote: >> I am currently maintaining the following IP blocklists > > I'm curious why you have multiple different lists. > > I would think that you would have the systems linked so that they can > share IPs and block sources that have attacked other systems. they are also reported to blocklist.de and abuseipd; all boxes use blocklist.de's list, so the ips are shared indirectly ...
[toc] | [prev] | [standalone]
Back to top | Article view | comp.os.linux.security
csiph-web