Re: [mod-security-users] Can we consume Third Part IP reputation list?
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Can we consume Third Part IP reputation list?
|
From: Reindl H. <h.r...@th...> - 2020-04-13 12:55:04
|
Am 13.04.20 um 14:19 schrieb Blason R: > Hi there, > > Sorry for the confusion. What I mean about third party is; I saw modsec > can only consume rbl but since we are running our own honeypot we are > generating out own feeds and waned to know if those can be consumed > instead of default one. > > Since I am pretty novice my apology for any confusion. there is nothing like "default one" https://www.corpit.ru/mjt/rbldnsd.html systemctl status rbldnsd.service ● rbldnsd.service - DNSBL/DNSWL Daemon Loaded: loaded (/etc/systemd/system/rbldnsd.service; enabled; vendor preset: disabled) Drop-In: /etc/systemd/system/rbldnsd.service.d └─ordering.conf Active: active (running) since Tue 2020-04-07 18:14:31 CEST; 5 days ago Main PID: 601 (rbldnsd) Tasks: 1 (limit: 512) Memory: 21.8M CPU: 54.016s CGroup: /system.slice/rbldnsd.service └─601 /usr/sbin/rbldnsd -f -n -r/var/lib/rbldnsd -c 90s -t 60:60:7200 -e -v -a -q -4 -b 127.0.0.1/153 uribl.example.com:dnset:uribl.example.com dnsbl.example.com:ip4set:dnsbl.example.com dnsbl-modsecurity.example.com:ip4set:dnsbl-modsecurity.example.com dnswl-aggregate.example.com:ip4set:dnswl-aggregate.example.com dnswl.example.com:ip4set:dnswl.example.com dnswl-high.example.com:ip4set:dnswl-high.example.com dnswl-medium.example.com:ip4set:dnswl-medium.example.com dnswl-low.example.com:ip4set:dnswl-low.example.com dnswl-untrusted.example.com:ip4set:dnswl-untrusted.example.com dnsbl-ix.example.com:ip4set:dnsbl-ix.example.com dnsbl-backscatterer.example.com:ip4set:dnsbl-backscatterer.example.com dnswl-whitelisted-org.example.com:ip4set:dnswl-whitelisted-org.example.com dnsbl-uce.example.com:ip4set:dnsbl-uce.example.com dnsbl-uce-2.example.com:ip4set:dnsbl-uce-2.example.com dnsbl-surriel.example.com:ip4set:dnsbl-surriel.example.com Apr 13 14:46:01 localhost rbldnsd[601]: rbldnsd: ip4set:dnsbl-modsecurity.example.com: 20200413 124402: e32/24/16/8=6465/0/0/0 Apr 13 14:46:01 localhost rbldnsd[601]: rbldnsd: ip4set:dnsbl-ix.example.com: 20200413 124104: e32/24/16/8=2275/0/0/0 Apr 13 14:46:01 localhost rbldnsd[601]: rbldnsd: ip4set:dnsbl-uce.example.com: 20200413 124005: e32/24/16/8=211593/0/17/1 Apr 13 14:46:01 localhost rbldnsd[601]: rbldnsd: zones reloaded, time 0.2e/0.2u sec, mem arena=13600 free=6396 mmap=5976 Kb Apr 13 14:50:31 localhost rbldnsd[601]: rbldnsd: ip4set:dnsbl.example.com: 20200413 124902: e32/24/16/8=30993/0/0/0 Apr 13 14:50:31 localhost rbldnsd[601]: rbldnsd: ip4set:dnsbl-modsecurity.example.com: 20200413 124902: e32/24/16/8=6491/0/0/0 Apr 13 14:50:31 localhost rbldnsd[601]: rbldnsd: ip4set:dnsbl-ix.example.com: 20200413 124704: e32/24/16/8=2320/0/0/0 Apr 13 14:50:31 localhost rbldnsd[601]: rbldnsd: ip4set:dnsbl-uce.example.com: 20200413 124504: e32/24/16/8=211593/0/17/1 Apr 13 14:50:31 localhost rbldnsd[601]: rbldnsd: ip4set:dnsbl-surriel.example.com: 20200413 124706: e32/24/16/8=17146/0/0/0 |
