First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

Anyone know of a blacklisted IP database?

I'm looking for a consistently updated/downloadable database of blacklisted IP addresses. My goal would be to filter or color rule for them in Wireshark, https://bugs.wireshark.org/bugzilla/s.... Can anyone point me in the right direction?

From Guy Harris: Actually, a general ability to define lists of IP addresses, and allow packet-matching rules to say "ip.addr in {name-of-list}" or something such as that, might be useful; checking for blacklisted IP addresses would be just one application of that mechanism.

Betty DuBois's avatar
1
Betty DuBois
asked 2019-01-30 20:54:05 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

2 Answers

0

Hi Betty,

If you only need a short list then there is Talos intelligence from Cisco.

https://www.talosintelligence.com/reputation

They allow you to download a list of hundreds of IP adresses known to be "bad".

https://www.talosintelligence.com/documents/ip-blacklist

This list is nowhere near complete and the site says it's about 1% of the addresses they are monitoring.

Hope this helps.

Cheers,

JF

Spooky's avatar
191
Spooky
answered 2019-01-31 03:49:39 +0000
edit flag offensive 0 remove flag delete link
more

Comments

add a comment see more comments
0

I would recommend a combination of firehol level 1,2,3; they maintain an always upto date database on realtime threats whether it be botnets, virus ridden computers, malicious websites, you name it. Almost a billion IP addresses. I've been using it for about a year now on my router with great success. Current avg update frq is 49 minutes, this fluctuates slightly. Probably one of the best free threat intelligence sources on the web.

https://iplists.firehol.org/

dids201's avatar
1
dids201
answered 2019-01-31 06:27:27 +0000, updated 2019-01-31 06:39:26 +0000
edit flag offensive 0 remove flag delete link
more

Comments

add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer