Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add abuseipdb lists #19208

Closed
borestad opened this issue Oct 7, 2023 · 5 comments
Closed

Add abuseipdb lists #19208

borestad opened this issue Oct 7, 2023 · 5 comments
Labels
enhancement question support

Comments

@borestad
Copy link

borestad commented Oct 7, 2023

Abuseipdb IP Aggregator

Can this be of interest to implement? I'm currently using it at home, and I'd say ...it blocks 95% of the incoming backgroud noise.
I don't have time to make a PR, but someone else might?
@MikhailKasimov
Copy link
Collaborator

Hello!

Currently we have https://github.com/stamparm/maltrail/blob/master/trails/feeds/abuseipdb.py feed.

What's the difference of Abuseipdb IP Aggregator compared to this feed? Thanks!

@borestad
Copy link
Author

borestad commented Oct 7, 2023

Ah..ofc, I should have given some more context! 😊

https://github.com/stamparm/maltrail/blob/master/trails/feeds/abuseipdb.py only receives 10 (ten) ips ..... the script I'm using is aggregating AbuseIPDB's API (that gives 10.000 free ip's with 100% confidence)

So...difference is.

  • The current trail/feed gives 10 ips
  • My script gives between 18.000 - 100.000 ips (depending on how far one want to go back in time)

Updated every 5 hours via cron / github action.

abuseipdb-s100.ipv4 (18059 ip)
abuseipdb-s100-1d.ipv4 (29120 ip)
abuseipdb-s100-2d.ipv4 (32988 ip)
abuseipdb-s100-3d.ipv4 (35842 ip)
abuseipdb-s100-7d.ipv4 (42372 ip)
abuseipdb-s100-14d.ipv4 (51396 ip)
abuseipdb-s100-30d.ipv4 (66260 ip)
abuseipdb-s100-60d.ipv4 (92139 ip)
abuseipdb-s100-90d.ipv4 (116315 ip)
abuseipdb-s100-120d.ipv4 (128970 ip)
abuseipdb-s100-all.ipv4 (388688 ip)

@borestad
Copy link
Author

borestad commented Oct 7, 2023

Imho...this is the most reliable iplist I've ever used, with zero false positives.

@MikhailKasimov
Copy link
Collaborator

OK. @stamparm Your opinion here?

@stamparm
Copy link
Owner

stamparm commented Oct 9, 2023

done

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement question support
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@borestad @stamparm @MikhailKasimov