sidallocation / sidallocation.org
Home Page: https://sidallocation.org
No response
DCSO Deutsche Cyber-Sicherheitsorganisation GmbH
10000
https://medium.com/@DCSO_CyTec
https://github.com/DCSO/suricata-rules
No response
none
4000
rules: https://raw.githubusercontent.com/jpgpi250/piholemanual/master/DOH/DOH.rules
documentation: https://jpgpi250.github.io/piholemanual/doc/Block%20DOH%20with%20pfsense.pdf (section 10 describes implementation on Suricata (pfSense version))
sid range 27995000 .. 27996999: (o)DoH entries, extracted from lists (see doc for list details)
sid range 27997000 .. 27998999: additional CNAME info, retrieved from dig requests (domains extracted from lists)
database with the info, used to make the rule list: https://github.com/jpgpi250/piholemanual/blob/master/DOH.db
daily updated.
https://raw.githubusercontent.com/jpgpi250/piholemanual/master/DOH/DOH.rules
Corelight
100,000
We have started to create a number of our own Suricata rules. We open-source many of them; here is an example:
https://github.com/corelight/C2-detection-manjusaka
https://corelight.com/blog/detecting-manjusaka-c2-framework
We've already started using the range 3000000, so we would request the range 3000000-3099999 since that appears available. We can also start with a smaller range if that's preferable; please start with 3000000 and build up.
No response
It appears there's a collision here:
5000000-5000213 Etnetera a.s. Etnetera aggressive IP blacklist
5000000-5000033 MalSilo MalSilo
ExtraHop Networks
100,000
https://www.extrahop.com/solutions/security/ids/
We're beginning to create first-party Suricata rules. We would like to request to reserve the range 4000000-4099999.
No response
Proofpoint
10,000
integration into ET Open offering from: https://github.com/AssoEchap/stalkerware-indicators/blob/master/ioc.yaml
No response
twitter.com/abuse_ch
abuse.ch
I was able to find the following ranges in use as of 2022-01-29:
Low End | High End | Url |
---|---|---|
900505003 | 900507802 | https://feodotracker.abuse.ch/downloads/feodotracker.rules |
900605001 | 900607802 | https://feodotracker.abuse.ch/downloads/feodotracker_aggressive.rules |
902200000 | 902204616 | https://sslbl.abuse.ch/blacklist/sslblacklist.rules |
903200000 | 903204616 | https://sslbl.abuse.ch/blacklist/sslblacklist_tls_cert.rules |
904200000 | 904200022 | https://sslbl.abuse.ch/blacklist/sslipblacklist.rules |
905200000 | 905208077 | https://sslbl.abuse.ch/blacklist/sslipblacklist_aggressive.rules |
906200000 | 906200096 | https://sslbl.abuse.ch/blacklist/ja3_fingerprints.rules |
80864327 | 82877945 | https://urlhaus.abuse.ch/downloads/suricata-ids/ |
90162588 | 90315707 | https://threatfox.abuse.ch/downloads/threatfox_suricata.rules |
5012000 | 5012999 | Privately Used |