Robot
/
blocklist-ipsets
mirror of https://github.com/firehol/blocklist-ipsets.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Sun Nov 20 14:08:55 UTC 2016 update

This commit is contained in:
Costa Tsaousis 2016-11-20 14:08:55 +00:00
parent 5d12182145
commit 1002ddcf5b
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@ -220,7 +220,7 @@ This script will update each ipset and call firehol to update the ipset while th
# List of ipsets included
The following list was automatically generated on Sun Nov 20 14:06:50 UTC 2016.
The following list was automatically generated on Sun Nov 20 14:08:55 UTC 2016.
The update frequency is the maximum allowed by internal configuration. A list will never be downloaded sooner than the update frequency stated. A list may also not be downloaded, after this frequency expired, if it has not been modified on the server (as reported by HTTP `IF_MODIFIED_SINCE` method).
@ -605,7 +605,7 @@ bambenek_p2pgoz|[Bambenek Consulting](http://osint.bambenekconsulting.com/feeds/
[dragon_sshpauth](http://iplists.firehol.org/?ipset=dragon_sshpauth)|[Dragon Research Group](http://www.dragonresearchgroup.org/) IP address that has been seen attempting to remotely login to a host using SSH password authentication, in the last 7 days. This report lists hosts that are highly suspicious and are likely conducting malicious SSH password authentication attacks.|ipv4 hash:net|324 subnets, 333 unique IPs|updated every 1 hour from [this link](https://www.dragonresearchgroup.org/insight/sshpwauth.txt)
[dragon_vncprobe](http://iplists.firehol.org/?ipset=dragon_vncprobe)|[Dragon Research Group](http://www.dragonresearchgroup.org/) IP address that has been seen attempting to remotely connect to a host running the VNC application service, in the last 7 days. This report lists hosts that are highly suspicious and are likely conducting malicious VNC probes or VNC brute force attacks.|ipv4 hash:net|60 subnets, 60 unique IPs|updated every 1 hour from [this link](https://www.dragonresearchgroup.org/insight/vncprobe.txt)
[dronebl_anonymizers](http://iplists.firehol.org/?ipset=dronebl_anonymizers)|[DroneBL.org](https://dronebl.org) List of open proxies. It includes IPs which DroneBL categorizes as SOCKS proxies (8), HTTP proxies (9), web page proxies (11), WinGate proxies (14), proxy chains (10).|ipv4 hash:net|263381 subnets, 273576 unique IPs|
[dronebl_auto_botnets](http://iplists.firehol.org/?ipset=dronebl_auto_botnets)|[DroneBL.org](https://dronebl.org) IPs of automatically detected botnets. It includes IPs for which DroneBL responds with 17.|ipv4 hash:net|296224 subnets, 305814 unique IPs|
[dronebl_auto_botnets](http://iplists.firehol.org/?ipset=dronebl_auto_botnets)|[DroneBL.org](https://dronebl.org) IPs of automatically detected botnets. It includes IPs for which DroneBL responds with 17.|ipv4 hash:net|296223 subnets, 305813 unique IPs|
[dronebl_autorooting_worms](http://iplists.firehol.org/?ipset=dronebl_autorooting_worms)|[DroneBL.org](https://dronebl.org) IPs of autorooting worms. It includes IPs for which DroneBL responds with 16. These are usually SSH bruteforce attacks.|ipv4 hash:net|883 subnets, 958 unique IPs|
[dronebl_compromised](http://iplists.firehol.org/?ipset=dronebl_compromised)|[DroneBL.org](https://dronebl.org) IPs of compromised routers / gateways. It includes IPs for which DroneBL responds with 15 (BOPM detected).|ipv4 hash:net|627 subnets, 628 unique IPs|
[dronebl_ddos_drones](http://iplists.firehol.org/?ipset=dronebl_ddos_drones)|[DroneBL.org](https://dronebl.org) IPs of DDoS drones. It includes IPs for which DroneBL responds with 7.|ipv4 hash:net|902 subnets, 906 unique IPs|