This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Where do you get additional threat feeds from

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
10 REPLIES 10

SutareMayur
L6 Presenter

‎03-31-2020 08:45 AM

@OtakarKlier,

 

We have configured our own feed url on windows based server and added it under EDL. Whenever we find any of malicious/suspicious IP/domain, we add it under site.

 

We haven't configured any of publically available URLs as given below. The reason being we do not have any control on it.

 

Mayur

M

Check out my YouTube channel - https://www.youtube.com/@NetworkTalks
0 Likes Likes

johnde
L2 Linker
In response to SutareMayur

‎03-31-2020 09:55 AM

@SutareMayur How to configure own feed url on windows server?

0 Likes Likes

SutareMayur
L6 Presenter
In response to johnde

‎03-31-2020 11:25 PM

@johndeYou can simply webpage using IIS under windows server. You can refer below link to do the configuration.

 

https://www.youtube.com/watch?v=abqTcXeyst0

 

Once your webpage is ready, configure feed url under EDL.

 

Hope it helps!

 

Mayur

 

 

M

Check out my YouTube channel - https://www.youtube.com/@NetworkTalks

johnde
L2 Linker
In response to SutareMayur

‎04-01-2020 06:23 AM

Great, thanks Mayur.

0 Likes Likes

jasonwald
L2 Linker

‎04-03-2020 12:39 PM

I love firehol

 

http://iplists.firehol.org/

0 Likes Likes

jasonwald
L2 Linker

‎10-30-2020 07:00 AM

http://panwdbl.appspot.com/lists

Appears to be down. Not sure if the author removed it permanently or not? If so that is a real bummer.

OtakarKlier
Cyber Elite
Cyber Elite
In response to jasonwald

‎10-30-2020 09:46 AM

Hello,

Just a reminder that Palo Alto has a lot of back end feeds and bots that continuously update their stack. I think that a properly configured system with regular updates and dynamic inspection is a good part of an overall security strategy.

 

Regards,

Isaaczarb
L0 Member
In response to jasonwald

‎10-31-2020 05:09 AM

same here 😞

0 Likes Likes

j04nMan
L1 Bithead

‎03-22-2022 11:30 AM

http://panwdbl.appspot.com/lists/openbl.txt and other panwdbl.appspot.com URLs are now retired. 

I'm looking for an SSL abuse list, anyone know of a vetted one?

0 Likes Likes

j04nMan
L1 Bithead

‎03-22-2022 11:32 AM

Here's a live TOR Exit Node block list - for ingress

https://www.dan.me.uk/torlist/

0 Likes Likes
  • 8195 Views
  • 10 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks