Comments (3)
Not sure if anyone still maintains this, but there appears to be an issue pulling the Cisco Talos feed (https://www.talosintelligence.com/documents/ip-blacklist). My guess is the fact that the URL redirects to an Amazon S3 bucket is the issue.
Not a list I use, but in testing just now, I have no issue accessing that URL which directs to (as you mentioned) to
https://snort-org-site.s3.amazonaws.com/production/document_files/files/000/019/195/original/ip_filter.blf
91.228.167.128
31.41.8.66
27.31.180.123
91.109.184.7
83.220.172.27
95.214.107.21
and on
I show the default list having it commented out, which is why I may not be using it...
Talos Reputation Center IP Blacklist
Also see https://www.talosintelligence.com/reputation
#https://www.talosintelligence.com/documents/ip-blacklist
Updated - Interesting read here on snort blocking and only used for testing, the moved part is old..
https://www.reddit.com/r/pfBlockerNG/comments/iclh0y/talos_blocklist_seems_to_have_moved/
from edgeos-bl-mgmt.
It may be an artifact of how my implementation is parsing the site (I'm using VyOS). When I manually run the script, I can see where the Talos site is fetched, but it is not processed into the final list. I was actually able to get it to work by adding a "-L" option on line 458 of updBLackList.sh which informs cURL to follow redirects.
from edgeos-bl-mgmt.
This seems to be a semi-recent change in that list location. This doesn't appear to be a traditional redirect either (but isn't broken). This had been a separate Cisco Talos list but is now just a redirect to a snort list.
I intentionally did not include a -L option to curl. The ultimate target URL for this list appears to be dynamic so if this is is desired a -L would be required unfortunately.
I'll probably look to add a comment to an updated reference list after looking into this one further.
from edgeos-bl-mgmt.
Related Issues (20)
- Firewall rules not accepted HOT 1
- Silence sed warning HOT 5
- user error - please ignore
- Error when running update script HOT 3
- https://isc.sans.edu/ipsascii.html not being parsed correctly
- Suggesting additional ban list sources HOT 1
- Config question HOT 3
- IPv6 Parsing HOT 4
- UDM PRO HOT 3
- What about applying these rules also for egress traffic? HOT 1
- Firewall Policies configuration HOT 3
- Informational: thanks!
- Update README to new iprange version
- When using sudo /config/scripts/updBlackList.sh
- Update process stops when trying to add a wrong IP syntax HOT 2
- No longer works on USG HOT 2
- IP Range won't install - ER-X HOT 2
- Firewall Block List Not Populating
- Can't confirm rulesets are applied HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from edgeos-bl-mgmt.