Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
tioeudes
Contributor

[FORTIGATE] - Threat Feeds

Hello all.

 

Threat feed is one of the great features since FortiOS 6.0. It makes the task of blocking poor reputation IPs/domains, malware hashes and known IOCs very easy.

 

So, since i could not find it easily, i'd like to share here some ready to use lists and hope the community would share some too.

 

https://secureupdates.che..int.com/IP-list/TOR.txt [link]https://www.dan.me.uk/torlist/[/link] https://s3.us-east-2.amaz...om/ip-blacklist/ip.txt http://rules.emergingthre...emerging-Block-IPs.txt https://talosintelligence../documents/ip-blacklist https://lists.blocklist.de/lists/all.txt

 

 

Regards,

tioeudes

5 REPLIES 5
Markus
Valued Contributor

Nice idea 

 

Block-List - Team Cymru (team-cymru.com)


________________________________________________________
--- NSE 4 ---
________________________________________________________

________________________________________________________--- NSE 4 ---________________________________________________________
tioeudes

https://firebog.net/ has some lists too.

tio3udes
New Contributor III

Hello Guys!

 

Trying to revive this old post. I still believe it would be go for the comunity if we had a source of osint like this.

ti03udes
ti03udes
EnterpriseAdmin
New Contributor

You need to register and pay a few bucks to get a key, otherwise the retrieved list is limited to 10000 entries, but it is fantastic.

https://api.abuseipdb.com/api/v2/blacklist?limit=100000&confidenceMinimum=90&plaintext&key=<yourkeyhere>

 

Another:

https://raw.githubusercontent.com/stamparm/ipsum/master/levels/3.txt
EnterpriseAdmin

Don't forget to protect your SSLVPN service as well!  These commands assume you don't have any existing entries in your source-address allow list, as we are inverting the action on this list from allow to deny:

 

config vpn ssl settings
set source-address-negate enable
set source-address "list or group 1" "list or group 2" "list or group n"

 

 

Labels
Top Kudoed Authors