https://github.com/aetherinox/blocklists

Firewall / Host blocklists, includes privacy, brute-force / port scanners, geographical continent & country databases. Support for BT Transmission. Updated multiple times a day.
https://github.com/aetherinox/blocklists

abuses blocklists geo-blocking geographical geolite geolite2 geolite2-country geolite2-country-database geolite2-database hosts hostsfile ipset ipset-data ipset-dns ipset-lists ipset-rules ipsets malware opnsense transmission

Last synced: 9 days ago
JSON representation

Firewall / Host blocklists, includes privacy, brute-force / port scanners, geographical continent & country databases. Support for BT Transmission. Updated multiple times a day.

• Host: GitHub
• URL: https://github.com/aetherinox/blocklists
• Owner: Aetherinox
• License: mit
• Created: 2024-10-26T20:56:00.000Z (3 months ago)
• Default Branch: main
• Last Pushed: 2024-11-27T00:47:58.000Z (2 months ago)
• Last Synced: 2024-11-27T01:27:44.606Z (2 months ago)
• Topics: abuses, blocklists, geo-blocking, geographical, geolite, geolite2, geolite2-country, geolite2-country-database, geolite2-database, hosts, hostsfile, ipset, ipset-data, ipset-dns, ipset-lists, ipset-rules, ipsets, malware, opnsense, transmission
• Homepage:
• Size: 1.09 GB
• Stars: 2
• Watchers: 1
• Forks: 0
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • Funding: .github/FUNDING.yml
  • License: LICENSE

Awesome Lists containing this project

README

        



🕙 `Last Sync: 11/29/2024 02:36 UTC`



---




- [About](#about)

  - [★ Severity Rating ★](#-severity-rating-)

- [Main Lists](#main-lists)

- [Privacy Lists](#privacy-lists)

- [Spam Lists](#spam-lists)

- [Geographical (Continents \& Countries)](#geographical-continents--countries)

- [Transmission (BitTorrent Client)](#transmission-bittorrent-client)

- [Install](#install)

  - [ConfigServer Firewall Users](#configserver-firewall-users)




---




# About

This repository contains a collection of dynamically updated blocklists which can be utilized to filter out traffic from communicating with your server.




These blocklists can be used with:

- ConfigServer Firewall

- FireHOL

- Crowdsec

- Transmission (BitTorrent Client)

- OPNsense

- Many others




Blocklist and statistics are updated daily, and some are updated multiple times a day depending on the category of blocklist. Others may only update once per day depending on how often they refresh.




## ★ Severity Rating ★

The **Severity Rating** is a column shown below for each blocklist. This score is calculated depending on how many "abusive" IP addresses exist within that ipset file.




As an example, the **Cloudflare CDN** has a score of `★★★⚝⚝ 3 or higher`, due to the fact that many people are reporting that servers hosted by Cloudflare seem to be involved in a lot of abusive activity such as port scanning and SSH bruteforce attacks. The more reports that the Ips in the Cloudflare file have, the higher the severity rating will rise. This score is based on the mean (average) report history of all IPs in the list.




This rating is calculated once a day.




---




# Main Lists

These are the primary lists that most people will be interested in. They contain a large list of IP addresses which have been reported in the last 360 days for abusive behavior. These statistics are gathered from numerous websites such as [AbuseIPDB](https://www.abuseipdb.com/) and [IPThreat](https://ipthreat.net/). IPs on this list have a 70-100% confidency level of engaging in the following:

- SSH Bruteforcing

- Port Scanning

- DDoS Attacks

- IoT Targeting

- Phishing




| Set Name | Description | Severity | View |

| --- | --- | --- | --- |

| `01_master.ipset` | Abusive IP addresses which have been reported for port scanning and SSH bruteforcing. HIGHLY recommended. 
 Includes [AbuseIPDB](https://www.abuseipdb.com/), [IPThreat](https://ipthreat.net/), [CinsScore](https://cinsscore.com), [GreensNow](https://blocklist.greensnow.co/greensnow.txt) | ★★★★★ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/blocklists/01_master.ipset) |

| `01_highrisk.ipset` | IPs with highest risk to your network and have a possibility that the activity which comes from them are going to be fraudulent. | ★★★★⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/blocklists/01_highrisk.ipset) |




---




# Privacy Lists

These blocklists give you more control over what 3rd party services can access your server, and allows you to remove bad actors or services hosting such services.




| Set | Description | Severity | View |

| --- | --- | --- | --- |

| `02_privacy_general.ipset` | Servers which scan ports for data collection and research purposes. List includes [Censys](https://censys.io), [Shodan](https://www.shodan.io/), [Project25499](https://blogproject25499.wordpress.com/), [InternetArchive](https://archive.org/)  | ★★★★⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/blocklists/02_privacy_general.ipset) |

| `02_privacy_ahrefs.ipset` | Ahrefs SEO and services | ★★⚝⚝⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/02_privacy_ahrefs.ipset) |

| `02_privacy_amazon_aws.ipset` | Amazon AWS | ★★⚝⚝⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/02_privacy_amazon_aws.ipset) |

| `02_privacy_amazon_ec2.ipset` | Amazon EC2 | ★★⚝⚝⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/02_privacy_amazon_ec2.ipset) |

| `02_privacy_applebot.ipset` | Apple Bots | ★★★⚝⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/blocklists/02_privacy_applebot.ipset) |

| `02_privacy_bing.ipset` | Microsoft Bind and Bing Crawlers / Bots | ★★⚝⚝⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/blocklists/02_privacy_bing.ipset) |

| `02_privacy_bunnycdn.ipset` | Bunny CDN | ★★⚝⚝⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/blocklists/02_privacy_bunnycdn.ipset) |

| `02_privacy_cloudflarecdn.ipset` | Cloudflare CDN | ★★⚝⚝⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/blocklists/02_privacy_cloudflarecdn.ipset) |

| `02_privacy_cloudfront.ipset` | Cloudfront DNS | ★⚝⚝⚝⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/blocklists/02_privacy_cloudfront.ipset) |

| `02_privacy_duckduckgo.ipset` | DuckDuckGo Web Crawlers / Bots | ★★⚝⚝⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/blocklists/02_privacy_duckduckgo.ipset) |

| `02_privacy_facebook.ipset` | Facebook Bots & Trackers | ★★★⚝⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/blocklists/02_privacy_facebook.ipset) |

| `02_privacy_fastly.ipset` | Fastly CDN | ★⚝⚝⚝⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/02_privacy_fastly.ipset) |

| `02_privacy_google.ipset` | Google Crawlers | ★★⚝⚝⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/02_privacy_google.ipset) |

| `02_privacy_pingdom.ipset` | Pingdom Monitoring Service | ★★⚝⚝⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/02_privacy_pingdom.ipset) |

| `02_privacy_rssapi.ipset` | RSS API Reader | ★★⚝⚝⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/02_privacy_rssapi.ipset) |

| `02_privacy_stripe_api.ipset` | Stripe Payment Gateway API | ★★⚝⚝⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/02_privacy_stripe_api.ipset) |

| `02_privacy_stripe_armada_gator.ipset` | Stripe Armada Gator | ★★⚝⚝⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/02_privacy_stripe_armada_gator.ipset) |

| `02_privacy_stripe_webhooks.ipset` | Stripe Webhook Service | ★★⚝⚝⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/02_privacy_stripe_webhooks.ipset) |

| `02_privacy_telegram.ipset` | Telegram Trackers and Crawlers | ★★★⚝⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/02_privacy_telegram.ipset) |

| `02_privacy_uptimerobot.ipset` | Uptime Robot Monitoring Service | ★⚝⚝⚝⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/02_privacy_uptimerobot.ipset) |

| `02_privacy_webpagetest.ipset` | Webpage Test Services | ★★⚝⚝⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/02_privacy_webpagetest.ipset) |




---




# Spam Lists

These blocklists allow you to remove the possibility of spam sources accessing your server.




| Set | Description | Severity | View |

| --- | --- | --- | --- |

| `03_spam_forums.ipset` | List of known forum / blog spammers and bots | ★★★⚝⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/03_spam_forums.ipset) |

| `03_spam_spamhaus.ipset` | Bad actor IP addresses registered with Spamhaus | ★★★★⚝ | [view](https://raw.githubusercontent.com/Aetherinox/blocklists/main/03_spam_spamhaus.ipset) |




---




# Geographical (Continents & Countries)

These blocklists allow you to determine what geographical locations can access your server. These can be used as either a whitelist or a blacklist. Includes both **continents** and **countries**.




| Set | Description | Severity | View |

| --- | --- | --- | --- |

| `GeoLite2 Database` | Lists IPs by continent and country from GeoLite2 database. Contains both IPv4 and IPv6 subnets | ★★★★★ | [view](https://dev.maxmind.com/geoip/geolite2-free-geolocation-data/) |

| `Ip2Location Database` | Coming soon | ★★★★★ | [view](https://lite.ip2location.com/database-download) |




---




# Transmission (BitTorrent Client)

This section includes blocklists which you can import into the [bittorrent client Transmission](https://transmissionbt.com/).




- In this repo, copy the direct URL to the Transmission blocklist, provided below:

  - https://github.com/Aetherinox/blocklists/raw/main/blocklists/transmission/blocklist.gz

- Open your Transmission application; depending on the version you run, do ONE of the follow two choices:

  - Paste the link to Transmission > Settings > Peers > Blocklist

  - Paste the link to Transmission > Edit > Preferences > Privacy > Enable blocklist




| Set | Description | Severity | View |

| --- | --- | --- | --- |

| `bt-transmission` | A large blocklist for the BitTorrent client [Transmission](https://transmissionbt.com/) | ★★★★★ | [view](https://transmissionbt.com/) |




---




# Install

This section explains how to use these blocklists within particular software titles.




## ConfigServer Firewall Users

This repository contains a set of ipsets which are automatically updated every `6 hours`. You may add these sets to your ConfigServer Firewall `/etc/csf/csf.blocklists` with the following new line:

```

csf|86400|0|https://raw.githubusercontent.com/Aetherinox/blocklists/main/blocklists/01_master.ipset

```