From mboxrd@z Thu Jan 1 00:00:00 1970 From: Adolf Belka To: development@lists.ipfire.org Subject: [PATCH 1/2] sources: Removal of Feodo Tracker lists from ipblocklist sources file Date: Wed, 16 Oct 2024 18:50:19 +0200 Message-ID: <20241016165020.9287-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============7092309231922544946==" List-Id: --===============7092309231922544946== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable - FEODO_RECOMMENDED list is empty and has been since 2024-08-23, when it was = last updated. - FEODO_IP list is empty and has been since 2024-08-23, when it was last upda= ted. - FEODO_AGGRESSIVE list still contains IP's but they were last updated on 202= 4-08-23. - According to the Feodo Tracker web site these lists are updated every 5 min= utes but not for nearly 8 weeks now. - Contacted Spamhaus who, since 2022, are the primary licensee for Abuse.ch, = who created the Feodo Tracker lists. No response at all from Spamhaus after one week, = not even any acknowledgement response. - This patch set removes these three lists from the sources file and an assoc= iated patch to the update.sh file removes references to these lists, if used, from the= "modified" file and removes the "list_name.conf" files. - This is the same process as used for the removal of the ALIENVAULT list ear= lier this year. Signed-off-by: Adolf Belka --- config/ipblocklist/sources | 20 -------------------- 1 file changed, 20 deletions(-) diff --git a/config/ipblocklist/sources b/config/ipblocklist/sources index 1cef06dd1..c2fc40d5b 100644 --- a/config/ipblocklist/sources +++ b/config/ipblocklist/sources @@ -61,26 +61,6 @@ our %sources =3D ( 'EMERGING_FWRULE' =3D> { 'name' =3D= > 'Emerging Threats Blocklis 'parser' =3D> 'dshield', 'rate' =3D> '1h', 'category' =3D> 'attacker' }, - 'FEODO_RECOMMENDED'=3D> {'name' =3D> 'Feodo Trojan IP Block= list (Recommended)', - 'url' =3D> 'https://feodotracker.ab= use.ch/downloads/ipblocklist_recommended.txt', - 'info' =3D> 'https://feodotracker.ab= use.ch/blocklist', - 'parser' =3D> 'ip-or-net-list', - 'rate' =3D> '5m', - 'category' =3D> 'c and c' }, - 'FEODO_IP' =3D> { 'name' =3D> 'Feodo Trojan IP Block= list', - 'url' =3D> 'https://feodotracker.ab= use.ch/downloads/ipblocklist.txt', - 'info' =3D> 'https://feodotracker.ab= use.ch/blocklist', - 'parser' =3D> 'ip-or-net-list', - 'rate' =3D> '5m', - 'category' =3D> 'c and c', - 'disable' =3D> 'FEODO_RECOMMENDED' }, - 'FEODO_AGGRESSIVE' =3D> { 'name' =3D> 'Feodo Trojan IP Bloc= klist (Aggressive)', - 'url' =3D> 'https://feodotracker.ab= use.ch/downloads/ipblocklist_aggressive.txt', - 'info' =3D> 'https://feodotracker.ab= use.ch/blocklist', - 'parser' =3D> 'ip-or-net-list', - 'rate' =3D> '5m', - 'category' =3D> 'c and c', - 'disable' =3D> ['FEODO_IP', 'FEODO_RECO= MMENDED'] }, 'CIARMY' =3D> { 'name' =3D> 'The CINS Army List', 'url' =3D> 'https://cinsscore.com/l= ist/ci-badguys.txt', 'info' =3D> 'https://cinsscore.com/#= list', --=20 2.47.0 --===============7092309231922544946==--