> Xavier Beaudouin a écrit : > Je m'incruste dans le thread, comme ça, mais ne serait-il pas mieux qu'une > communauté > de gens sympa et barbus entretiennent le smilblick comme l'AS112 par exemple.
Pour les geekettes, on fait une exception pour la barbe ;-) > Clement Cavadore a écrit : > C'est typiquement le genre de raisons pour laquelle il faut classifier les > préfixes de ton feed BGP > avec des communautés, et documenter toutes ces communautés quelque part. Ce > qui est valable pour TON > réseau ne l'est pas forcément pour celui des gens qui pourraient être tentés > d'utiliser ton feed. Complètement d'accord. D'ailleurs j'ai enlevé Tor du feed, en attendant que les communautés en fassent partie. Juste dessous, il y a le script qui construit la blacklist. Y'à qu'à (C)(TM) le modifier pour rajouter les communautés. Au travail. Michel. #!/bin/bash IP_TMP=/tmp/ip.tmp IP_BLACKLIST=/etc/exabgp/ip-blacklist.conf IP_BLACKLIST_TMP=/tmp/ip-blacklist.tmp # "http://www.maxmind.com/en/anonymous_proxies" # MaxMind GeoIP Anonymous Proxies # "https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=1.1.1.1" # TOR Exit Nodes BLACKLISTS=( "http://www.projecthoneypot.org/list_of_ips.php?t=d&rss=1" # Project Honey Pot Directory of Dictionary Attacker IPs "http://danger.rulez.sk/projects/bruteforceblocker/blist.php" # BruteForceBlocker IP List "http://rules.emergingthreats.net/blockrules/compromised-ips.txt" "http://rules.emergingthreats.net/blockrules/emerging-botcc.excluded" "http://rules.emergingthreats.net/blockrules/emerging-botcc.portgrouped.rules" "http://rules.emergingthreats.net/blockrules/emerging-botcc.rules" "http://rules.emergingthreats.net/blockrules/emerging-ciarmy.rules" "http://rules.emergingthreats.net/blockrules/emerging-compromised-BLOCK.rules" "http://rules.emergingthreats.net/blockrules/emerging-compromised.rules" "http://rules.emergingthreats.net/blockrules/emerging-drop-BLOCK.rules" "http://rules.emergingthreats.net/blockrules/emerging-drop.rules" "http://rules.emergingthreats.net/blockrules/emerging-dshield-BLOCK.rules" "http://rules.emergingthreats.net/blockrules/emerging-dshield.rules" "http://rules.emergingthreats.net/blockrules/emerging-rbn-BLOCK.rules" "http://rules.emergingthreats.net/blockrules/emerging-rbn-malvertisers-BLOCK.rules" "http://rules.emergingthreats.net/blockrules/emerging-rbn-malvertisers.rules" "http://rules.emergingthreats.net/blockrules/emerging-rbn.rules" "http://rules.emergingthreats.net/blockrules/emerging-tor-BLOCK.rules" "http://rules.emergingthreats.net/blockrules/emerging-tor.rules" "http://rules.emergingthreats.net/blockrules/rbn-ips.txt" # Emerging Threats - Russian Business Networks List "http://www.spamhaus.org/drop/drop.lasso" # Spamhaus Don't Route Or Peer List (DROP) "http://www.spamhaus.org/drop/edrop.lasso" # Spamhaus Don't Route Or Peer List (EDROP) "http://cinsscore.com/list/ci-badguys.txt" # C.I. Army Malicious IP List "http://www.openbl.org/lists/base_7days.txt" # OpenBL.org 7 day List "http://www.autoshun.org/files/shunlist.csv" # Autoshun Shun List "http://lists.blocklist.de/lists/all.txt" # blocklist.de attackers "http://hosts-file.net/rss.asp" "https://www.myip.ms/files/blacklist/csf/latest_blacklist.txt" "http://malc0de.com/bl/IP_Blacklist.txt" "https://sslbl.abuse.ch/blacklist/sslipblacklist.csv" ) for i in "${BLACKLISTS[@]}" do curl "$i" > $IP_TMP grep -Po '(?:\d{1,3}\.){3}\d{1,3}(?:/\d{1,2})?' $IP_TMP >> $IP_BLACKLIST_TMP done sort $IP_BLACKLIST_TMP -n | uniq > $IP_BLACKLIST rm $IP_BLACKLIST_TMP wc -l $IP_BLACKLIST --------------------------- Liste de diffusion du FRnOG http://www.frnog.org/