vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-04-29 07:29:32 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Updated the malware/domain lists with new entries from abuse.ch and firehol

Browse source
This commit is contained in:
Luca Deri 2022-03-02 12:40:35 +01:00
parent 64a2f42553
commit 14b68e2568
1 changed files with 23 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

28
scripts/lua/modules/lists_utils.lua
View file

@ -53,18 +53,30 @@ local is_nedge = ntop.isnEdge()
-- [hosts] 127.0.0.1 1.2.3.4
--
local BUILTIN_LISTS = {
["ntop IP Malware Meltdown"] = {
url = "http://blacklists.ntop.org/blacklist-ip.txt",
["dshield 7 days"] = {
url = "https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/dshield_7d.netset",
category = CUSTOM_CATEGORY_MALWARE,
format = "ip",
enabled = true,
update_interval = DEFAULT_UPDATE_INTERVAL,
}, ["Firehol Level 1"] = {
url = "https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/firehol_level1.netset",
category = CUSTOM_CATEGORY_MALWARE,
format = "ip",
enabled = false,
update_interval = DEFAULT_UPDATE_INTERVAL,
}, ["ntop Host Malware Meltdown"] = {
url = "http://blacklists.ntop.org/blacklist-hostnames.txt",
}, ["AlienVault"] = {
url = "https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/alienvault_reputation.ipset",
category = CUSTOM_CATEGORY_MALWARE,
format = "domain",
format = "ip",
enabled = false,
update_interval = DEFAULT_UPDATE_INTERVAL,
}, ["Feodo"] = {
url = "https://feodotracker.abuse.ch/downloads/ipblocklist_recommended.txt",
category = CUSTOM_CATEGORY_MALWARE,
format = "ip",
enabled = true,
update_interval = DEFAULT_UPDATE_INTERVAL,
}, ["Emerging Threats"] = {
url = "https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt",
category = CUSTOM_CATEGORY_MALWARE,
@ -89,6 +101,12 @@ local BUILTIN_LISTS = {
format = "ip",
enabled = true,
update_interval = SIXH_DOWNLOAD_INTERVAL,
}, ["URLhaus"] = {
url = "https://urlhaus.abuse.ch/downloads/hostfile/",
category = CUSTOM_CATEGORY_MALWARE,
format = "domain",
enabled = true,
update_interval = DEFAULT_UPDATE_INTERVAL,
}, ["Anti-WebMiner"] = {
url = "https://raw.githubusercontent.com/greatis/Anti-WebMiner/master/hosts",
category = CUSTOM_CATEGORY_MINING,