Hi,
I've build a great Minemeld repository which I wanted to share. Recently I've discovered Firehol which is a great aggregation of a whole lot of sources. Combining these with what is currently available within Minemeld brings an added value.
It consists out of: 1. IP Blocklist:
Using input provided by Firehol abuse (botscout, normshield, cleantalk etc) http://iplists.firehol.org/?ipset=firehol_abusers_1d
Using input provided by Firehol attacks (snort, shunlist, normshield, darklist, botvrij, blueliv, blocklist_de*, ao). http://iplists.firehol.org/?ipset=firehol_level2
Using input provided by Firehol malware (zeus, ransomware, teslacrypt, normshield, esentire, feodo, cybercrime, bambenek, ao) http://iplists.firehol.org/?ipset=firehol_webclient
Using input from DSHIELD: https://www.dshield.org/xml.html
Using input from SPAMHAUS (drop and extended drop) https://www.spamhaus.org/
=> Processed so all unique values are listed only once: BLOCKLIST_PROC => provided into 1 output: BLOCKLIST_OUT
2. Anonymizers & open proxies
Using anonymizers provided by Firehol (roxy, maxmind, onion, dronebl, ao) http://iplists.firehol.org/?ipset=firehol_anonymous
Using open proxies provided by Firehol (tor, proxyz, ao) http://iplists.firehol.org/?ipset=firehol_proxies => Processed so all unique values are listed only once: ANONYMIZERS-OPENPXY_PROC => provided into 1 output: ANONYMIZERS-OPENPXY_OUT
Office 365 IP list (O365-OUT)
Office 365 URL list (O365-OUT-URL)
Azure public ip blocks (AZURE-OUT)
5. All ip blocks of MICROSOFT
This config can be imported using the backup below. It's password protected with "paloalto".
Download from Githup
Or download below.
Best regards,
... View more