All,
Anyone have a list of all the URLs/IPs I need to open Splunk Enterprise Security up to for its threat lists? I have to get the firewall exceptions placed in this week, but won't have the actual Splunk bits for a few more weeks.
Thanks
-Daniel
| rest splunk_server=local count=0 /services/data/inputs/threatlist | search url!=lookup* | table title, url
These can obviously change with future upgrades and/or releases. Also, the IPs could be changed by the service providers as well.
Missed the part about you not having the access. Excuse the formatting.
alexa_top_one_million_sites https://s3.amazonaws.com/alexa-static/top-1m.csv.zip
emerging_threats_compromised_ip_blocklist https://rules.emergingthreats.net/blockrules/compromised-ips.txt
emerging_threats_ip_blocklist https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt
hailataxii_malware http://hailataxii.com/taxii-data
iblocklist_logmein http://list.iblocklist.com/?list=logmein
iblocklist_piratebay http://list.iblocklist.com/?list=nzldzlpkgrcncdomnttb
iblocklist_proxy http://list.iblocklist.com/?list=bt_proxy
iblocklist_rapidshare http://list.iblocklist.com/?list=zfucwtjkfwkalytktyiw
iblocklist_spyware http://list.iblocklist.com/?list=bt_spyware
iblocklist_tor http://list.iblocklist.com/?list=tor
iblocklist_web_attacker http://list.iblocklist.com/?list=ghlzqtqxnzctvvajwwag
icann_top_level_domain_list https://data.iana.org/TLD/tlds-alpha-by-domain.txt
malware_domains http://mirror1.malwaredomains.com/files/domains.txt
maxmind_geoip_asn_ipv4 https://download.maxmind.com/download/geoip/database/asnum/GeoIPASNum2.zip
maxmind_geoip_asn_ipv6 https://download.maxmind.com/download/geoip/database/asnum/GeoIPASNum2v6.zip
mozilla_public_suffix_list https://publicsuffix.org/list/effective_tld_names.dat
phishtank https://data.phishtank.com/data/online-valid.csv.gz
sans https://isc.sans.edu/block.txt
zeus_bad_ip_blocklist https://zeustracker.abuse.ch/blocklist.php?download=badips
zeus_standard_ip_blocklist https://zeustracker.abuse.ch/blocklist.php?download=ipblocklist
thanks, Okie!
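Added example, not part of the original thread and not Splunk code: one way to turn a title/URL list like the one above into distinct egress destinations (hostname and TCP port) for a firewall request, and to see which feeds are fetched over plain HTTP. The function names and the SAMPLE subset are assumptions made for this sketch; rules are keyed on hostnames because, as noted in the thread, the providers' IPs can change.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Subset of the list posted in the thread, kept in both layouts it appears in
# (title and URL on one line, or on two consecutive lines).
SAMPLE = """\
emerging_threats_compromised_ip_blocklist https://rules.emergingthreats.net/blockrules/compromised-ips.txt
emerging_threats_ip_blocklist
https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt
hailataxii_malware
http://hailataxii.com/taxii-data
iblocklist_tor
http://list.iblocklist.com/?list=tor
sans
https://isc.sans.edu/block.txt
"""
PORTS = {"http": 80, "https": 443}  # default port per scheme

def parse_feeds(text):
    """Return [(title, url)]; a URL token closes the title token before it."""
    feeds, title = [], None
    for token in text.split():
        if "://" in token:
            feeds.append((title or "(untitled)", token))
            title = None
        else:
            title = token
    return feeds

def egress_rules(feeds):
    """Group feed titles by the (scheme, host, port) the firewall must allow."""
    rules = defaultdict(list)
    for title, url in feeds:
        parts = urlsplit(url)
        if parts.scheme not in PORTS or not parts.hostname:
            raise ValueError(f"unsupported feed URL for {title}: {url}")
        port = parts.port or PORTS[parts.scheme]
        rules[(parts.scheme, parts.hostname, port)].append(title)
    return dict(rules)

def cleartext_feeds(rules):
    """Titles downloaded over plain HTTP, which gives no transport integrity."""
    return sorted(t for (scheme, _, _), ts in rules.items() if scheme == "http" for t in ts)

if __name__ == "__main__":
    rules = egress_rules(parse_feeds(SAMPLE))
    for (scheme, host, port), titles in sorted(rules.items()):
        print(f"allow tcp/{port} -> {host}  # {scheme}: {', '.join(titles)}")
    print("cleartext:", ", ".join(cleartext_feeds(rules)))
```

Once the instance is available, the same functions can be fed the `title, url` output of the `| rest` search above instead of the pasted list.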