-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathos_indicators.config
More file actions
67 lines (51 loc) · 2.28 KB
/
os_indicators.config
File metadata and controls
67 lines (51 loc) · 2.28 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
[General]
#This is a prefix for open souce campaigns so that they can be grouped in a search.
#A value of "OS-" would mean that the zeus list would be stored under the campaign, "OS-Zeus".
open_source_campaign_prefix : OS-
#Whether to add a campaign name if it did not previously exist. (Values: 0 or 1)
add_campaign_if_missing : 1
[Open Source Lists]
# http://emergingthreats.net/open-source/etopen-ruleset/
# The following 3 lists are all contained in a single file.
# The _begin field indicates where in the file the respective section starts.
# C&C servers identified by Shadowserver (www.shadowserver.org)
# Spam nets identified by Spamhaus (www.spamhaus.org)
# Top Attackers listed by DShield (www.dshield.org)
shadowserver_URL : http://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt
shadowserver_source : ShadowServer
shadowserver_begin : # Shadowserver
spamhaus_URL : http://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt
spamhaus_source : Spamhaus
spamhaus_begin : #Spamhaus
dshield_URL : http://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt
dshield_source : DShield
dshield_begin : #Dshield
#Emerging threats compromised IP list
et_compromised_ip_URL : http://rules.emergingthreats.net/blockrules/compromised-ips.txt
et_compromised_ip_source : EmergingThreats
#SSL Blacklist
#https://sslbl.abuse.ch/
ssl_blacklist_URL : https://sslbl.abuse.ch/blacklist/sslipblacklist.csv
ssl_blacklist_source : SSLBL
#Zeus C&C Servers
#https://zeustracker.abuse.ch/faq.php
zeus_URL : https://zeustracker.abuse.ch/blocklist.php?download=ipblocklist
zeus_source : Zeus
#SpyEye C&C Servers
#https://spyeyetracker.abuse.ch/index.php
spyeye_URL : https://spyeyetracker.abuse.ch/blocklist.php?download=ipblocklist
spyeye_Source : SpyEye
#Palevo Worm Tracker
#https://palevotracker.abuse.ch/
palevo_URL : https://palevotracker.abuse.ch/blocklists.php?download=ipblocklist
palevo_source : Palevo
#Malc0de IP Blacklist
##http://malc0de.com/bl/
malcode_URL : http://malc0de.com/bl/IP_Blacklist.txt
malcode_source : Malc0de
#AlienVault Reputation Service
#Available through AlienVault's free service
#Be sure to read their agreements before enabling
#https://www.alienvault.com/my-account/otx_downloads/
#alienvault_URL : https://reputation.alienvault.com/reputation.snort.gz
#alienvault_source : AlienVault