diff --git a/src/gen_iprep_map.sh b/src/gen_iprep_map.sh index 7899762..4fe3505 100755 --- a/src/gen_iprep_map.sh +++ b/src/gen_iprep_map.sh @@ -101,7 +101,7 @@ fuDOWNLOAD "https://lists.blocklist.de/lists/all.txt" "known attacker" "blocklis fuDOWNLOAD "https://iplists.firehol.org/files/bitcoin_nodes_30d.ipset" "bitcoin node" "firehol_bitcoin" fuDOWNLOAD "https://iplists.firehol.org/files/botscout_30d.ipset" "form spammer" "firehol_botscout" fuDOWNLOAD "https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/cruzit_web_attacks.ipset" "known attacker" "firehol_cruzit" -fuDOWNLOAD "https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/malwaredomainlist.ipset" "known atttacker" "firehol_mwdomainlist" +fuDOWNLOAD "https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/malwaredomainlist.ipset" "known attacker" "firehol_mwdomainlist" fuDOWNLOAD "https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/proxylists_30d.ipset" "anonymizer" "firehol_proxylists" fuDOWNLOAD "https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/proxyrss_30d.ipset" "anonymizer" "firehol_proxyrss" fuDOWNLOAD "https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/proxyspy_30d.ipset" "anonymizer" "firehol_proxyspy" @@ -112,16 +112,16 @@ fuDOWNLOAD "https://iplists.firehol.org/files/cleantalk_30d.ipset" "abuse" "fire fuDOWNLOAD "https://iplists.firehol.org/files/dshield_30d.netset" "known attacker" "firehol_cleantalk" fuDOWNLOAD "https://iplists.firehol.org/files/darklist_de.netset" "known attacker" "firehol_darklist" fuDOWNLOAD "https://iplists.firehol.org/files/dm_tor.ipset" "tor exit node" "firehol_dm_tor" -fuDOWNLOAD "http://danger.rulez.sk/projects/bruteforceblocker/blist.php" "known attacker" "rulez" -fuDOWNLOAD "http://cinsscore.com/list/ci-badguys.txt" "known attacker" "cinsscore" +fuDOWNLOAD "https://danger.rulez.sk/projects/bruteforceblocker/blist.php" "known attacker" "rulez" +fuDOWNLOAD "https://cinsscore.com/list/ci-badguys.txt" "known attacker" "cinsscore" fuDOWNLOAD "https://feodotracker.abuse.ch/blocklist/?download=ipblocklist" "malware" "feodotracker" fuDOWNLOAD "https://rules.emergingthreats.net/open/suricata/rules/compromised-ips.txt" "compromised" "et_compromised" fuDOWNLOAD "http://blocklist.greensnow.co/greensnow.txt" "known attacker" "greensnow" fuDOWNLOAD "http://www.nothink.org/blacklist/blacklist_malware_irc.txt" "malware" "nothink" -fuDOWNLOAD "http://spys.me/proxy.txt" "anonymizer" "spys" +fuDOWNLOAD "https://spys.me/proxy.txt" "anonymizer" "spys" fuDOWNLOAD "http://ransomwaretracker.abuse.ch/downloads/RW_IPBL.txt" "ransomware" "ransomwaretracker" fuDOWNLOAD "https://report.cs.rutgers.edu/DROP/attackers" "known attacker" "rutgers" -fuDOWNLOAD "http://sblam.com/blacklist.txt" "form spammer" "sblam" +fuDOWNLOAD "https://sblam.com/blacklist.txt" "form spammer" "sblam" fuDOWNLOAD "https://sslbl.abuse.ch/blacklist/sslipblacklist.csv" "C2 server" "sslbl" fuDOWNLOAD "http://www.talosintelligence.com/feeds/ip-filter.blf" "bad reputation" "talos" fuDOWNLOAD "https://check.torproject.org/exit-addresses" "tor exit node" "torexit" @@ -134,10 +134,10 @@ fuDOWNLOAD "http://www.dnsbl.manitu.net/download/nixspam-ip.dump.gz" "spam" "nix fuDOWNLOAD "http://www.urlvir.com/export-ip-addresses/" "malware" "urlvir" fuDOWNLOAD "https://threatintel.stdominics.sa.edu.au/droplist_high_confidence.txt" "known attacker" "threatintel" fuDOWNLOAD "https://sslbl.abuse.ch/blacklist/dyre_sslipblacklist_aggressive.csv" "C2 server" "dyre" -fuDOWNLOAD "http://charles.the-haleys.org/ssh_dico_attack_hdeny_format.php/hostsdeny.txt" "known attacker" "charles" +fuDOWNLOAD "https://charles.the-haleys.org/ssh_dico_attack_hdeny_format.php/hostsdeny.txt" "known attacker" "charles" fuDOWNLOAD "https://zerodot1.gitlab.io/CoinBlockerLists/MiningServerIPList.txt" "mining node" "coinblocker" -fuDOWNLOAD "http://www.botvrij.eu/data/ioclist.ip-dst.raw" "bad reputation" "botvrij" -fuDOWNLOAD "http://www.ipspamlist.com/public_feeds.csv" "known attacker" "spamlist" +fuDOWNLOAD "https://www.botvrij.eu/data/ioclist.ip-dst.raw" "bad reputation" "botvrij" +fuDOWNLOAD "https://www.ipspamlist.com/public_feeds.csv" "known attacker" "spamlist" # Generate logstash translation map for ip reputation lookup echo -n "[ Building translation map ] "