| Beide Seiten der vorigen RevisionVorhergehende ÜberarbeitungNächste Überarbeitung | Vorhergehende Überarbeitung |
| know-how:blacklists [2023/04/25 11:22] – [IP Reputation] cc | know-how:blacklists [2024/02/26 10:31] (aktuell) – cc |
|---|
| | ~~ODT~~ |
| ====== Blacklists ====== | ====== Blacklists ====== |
| ===== WEB ===== | ===== WEB ===== |
| |
| ^Betreiber^Lizenz^Format^Download^Anmerkungen^ | ^Betreiber^Lizenz^Format^Download^Anmerkungen^ |
| | | fabriziosalmi - https://get.domainsblacklists.com/|GPL|Domains|https://get.domainsblacklists.com/blacklist.txt|Aggregiert diverse verfügbare Blacklists Achunt| |
| | |https://cert.pl/|unbekannt|Diverse Formate|e.g. Domains https://hole.cert.pl/domains/domains.txt |-| |
| | |https://oisd.nl/|unbekannt|Diverse Formate|e.g. https://big.oisd.nl/domainswild2 |Aggregiert diverse Listen| |
| | |https://github.com/RPiList/specials/blob/master/Blocklisten.md|unbekannt|Domains|e.g. Domains: https://raw.githubusercontent.com/RPiList/specials/master/Blocklisten/malware| Diverse Listen und Kategorien| |
| |https://kadantiscam.netlify.app/|Creative Commons|Hosts File|https://raw.githubusercontent.com/PolishFiltersTeam/KADhosts/master/KADhosts.txt|-| | |https://kadantiscam.netlify.app/|Creative Commons|Hosts File|https://raw.githubusercontent.com/PolishFiltersTeam/KADhosts/master/KADhosts.txt|-| |
| |https://www.abuseipdb.com/contact|https://www.abuseipdb.com/pricing|API|<code>curl -s -G https://api.abuseipdb.com/api/v2/blacklist -d confidenceMinimum=95 -d plaintext -H "Key: API_KEY" -H "Accept: text/plain" > /tmp/abuseipdb-ips.acl</code>|-| | |https://www.abuseipdb.com/contact|https://www.abuseipdb.com/pricing|API|<code>curl -s -G https://api.abuseipdb.com/api/v2/blacklist -d confidenceMinimum=95 -d plaintext -H "Key: API_KEY" -H "Accept: text/plain" > /tmp/abuseipdb-ips.acl</code>|-| |
| |https://urlhaus.abuse.ch/|unbekannt|URLs|<code>wget --quiet --timeout=5 --tries=2 https://urlhaus.abuse.ch/downloads/text/ -O /tmp/abuse.ch-urls-malicious</code>|-| | |https://urlhaus.abuse.ch/|unbekannt|URLs|<code>wget --quiet --timeout=5 --tries=2 https://urlhaus.abuse.ch/downloads/text/ -O /tmp/abuse.ch-urls-malicious</code>|-| |
| |https://urlhaus.abuse.ch/|unbekannt|Domains|<code> wget --quiet --timeout=5 --tries=2 https://urlhaus.abuse.ch/downloads/hostfile/ -O /tmp/abuse.ch-domains-malicious</code>|pihole kompatibel| | |https://urlhaus.abuse.ch/|unbekannt|Domains|<code> wget --quiet --timeout=5 --tries=2 https://urlhaus.abuse.ch/downloads/hostfile/ -O /tmp/abuse.ch-domains-malicious</code>|pihole kompatibel| |
| | |https://abuse.ch|unbekannt|Domains/Hosts|<code>wget -q --timeout=15 https://threatfox.abuse.ch/downloads/hostfile/ -O /tmp/threatfox.acl && grep -v '^#' /tmp/threatfox.acl | awk '{print $2}' | sort | uniq > /usr/local/etc/blacklists/threatfox.acl </code>|pihole kompatibel| |
| |https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist|MIT License|Hostname/Domain|<code>wget --quiet --timeout=5 --tries=2 https://hosts.ubuntu101.co.za/domains.list -O /tmp/mitchellkrogza-domain.acl</code> |Achtung >16Mbyte groß/verschiedenste Kategorien zusammen gewürfelt| | |https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist|MIT License|Hostname/Domain|<code>wget --quiet --timeout=5 --tries=2 https://hosts.ubuntu101.co.za/domains.list -O /tmp/mitchellkrogza-domain.acl</code> |Achtung >16Mbyte groß/verschiedenste Kategorien zusammen gewürfelt| |
| |https://www.malwarepatrol.net/|kommerziell|Diverse|-|-| | |https://www.malwarepatrol.net/|kommerziell|Diverse|-|-| |
| log_max_age: 30 | log_max_age: 30 |
| api_url: http://127.0.0.1:8080/ | api_url: http://127.0.0.1:8080/ |
| api_key: fc1a3c035f2ca58ba871c8744482c5f7 | api_key: API_KEY |
| insecure_skip_verify: false | insecure_skip_verify: false |
| disable_ipv6: true | disable_ipv6: false |
| deny_action: DROP | deny_action: DROP |
| deny_log: false | deny_log: false |
| #to change the blacklists name | #to change the blacklists name |
| blacklists_ipv4: crowdsec4 | blacklists_ipv4: crowdsec4 |
| blacklists_ipv6: crowdsec6-blacklists | blacklists_ipv6: crowdsec6 |
| #if present, insert rule in those chains | #if present, insert rule in those chains |
| iptables_chains: | iptables_chains: |
| |https://www.rfxn.com/projects/linux-malware-detect/|GNU GPLv2 |Eigene Skripten oder CLAMAV rules: https://cdn.rfxn.com/downloads/maldet-sigpack.tgz| | |https://www.rfxn.com/projects/linux-malware-detect/|GNU GPLv2 |Eigene Skripten oder CLAMAV rules: https://cdn.rfxn.com/downloads/maldet-sigpack.tgz| |
| |https://github.com/Cisco-Talos/clamav-safebrowsing|GNU GPLv2|getestet auf Debian Buster/für Google Safebrowsing mit Google API / Test mit **http://malware.wicar.org/** | | |https://github.com/Cisco-Talos/clamav-safebrowsing|GNU GPLv2|getestet auf Debian Buster/für Google Safebrowsing mit Google API / Test mit **http://malware.wicar.org/** | |
| | |http://sigs.interserver.net|unbekannt|Last Modified Sept. 2022| |
