Intelligence Blocklist (IPv4): Botnets, RaT, CVE's RCE, Scanners. DST = FR
- BE
✋You can easily integrate this list into your FWs under the Inbound/Outbound policy rules, Threat feeds.
Support my work with a donation
Paypal : 👉 https://www.paypal.com/donate/?hosted_button_id=YDTWBDBS7CPLN
Bitcoin : 👉 bc1q57u5usqp2z0qqp4w4r4lvwaalf0uypls8quzm6
I started this project in June 2023 when I discovered, through logs on specific instances, a number of triggers coming from IPv4 addresses with strong signals whose behaviors appeared to be aggressive scan ports, RCE attempts linked to highly exploited CVEs.
I started retrieving them, analyzing them and then storing them in a txt list (I didn't mess around apparently🤣).
And since then, this list has evolved to include data from 26 probes (decoy) deployed in strategic areas of the French and Belgian network.
I work hard to ensure that you have high-quality data (IPv4) (the most aggressive, malicious and most up-to-date).
According to feedback, more than 51 small and medium-sized companies have already implemented this list in their FW Fortinet, Palo Alto, Checkpoint, etc.
✅agressive_ips_dst_fr_be_blocklist.txt
- Apache Attack
- Nginx Attack
- Ransomware Attack
- Wordpress Enumeration
- Bot
- Botnet Recruitment
- Brute-force Attack
- Brute-Force SSH Login
- Directory Busting
- Credentials Dumping
- Email Attack
- FTP Attack
- IMAP Attack
- Information Gathering
- Remote Code Execution
- Scanning
- SSH Attack
- Tor Exit Node
- Tor Node
- VOIP Attack
- Web Traversal
Etc.
- CVE-2020-25078
- CVE-2021-42013
- CVE-2021-41773
- CVE-2024-3400
- CVE-2017-16894
- CVE-2024-3721
- CVE-2022-30023
- CVE-2017-9841
Etc.
PS: this list will be updated every 24/48h
Intelligence IPv4 Blocklist © 2023 by Duggy Tuxy is licensed under Creative Commons Attribution-NonCommercial 4.0 International. To view a copy of this license, visit https://creativecommons.org/licenses/by-nc/4.0/
