Give the user the ability to enter custom lists of bad IP addresses for ThreatDB, like the ones included in bulletins like US CERT CISA.
votes
Give the user the ability to enter custom lists of bad IP addresses for ThreatDB, like the ones included in bulletins like US CERT CISA.
Have a way for the user to paste a list of IP addresses in a search window and get a search query automatically generated. The query should be like this:
[(clientIP IN (‘112.175.92.57’, ‘113.114.117.122’, ‘128.200.115.228’, ‘137.139.135.151’, ‘181.39.135.126’, ‘186.169.2.237’, ‘197.211.212.59’, ‘21.252.107.198’, ‘26.165.218.44’, ‘47.206.4.145’, ‘70.224.36.194’, ‘81.94.192.10’, ‘81.94.192.147’, ‘84.49.242.125’, ‘97.90.44.200’) OR serverIP IN (‘112.175.92.57’, ‘113.114.117.122’, ‘128.200.115.228’, ‘137.139.135.151’, ‘181.39.135.126’, ‘186.169.2.237’, ‘197.211.212.59’, ‘21.252.107.198’, ‘26.165.218.44’, ‘47.206.4.145’, ‘70.224.36.194’, ‘81.94.192.10’, ‘81.94.192.147’, ‘84.49.242.125’, ‘97.90.44.200’) OR senderHost IN (‘112.175.92.57’, ‘113.114.117.122’, ‘128.200.115.228’, ‘137.139.135.151’, ‘181.39.135.126’, ‘186.169.2.237’, ‘197.211.212.59’, ‘21.252.107.198’, ‘26.165.218.44’, ‘47.206.4.145’, ‘70.224.36.194’, ‘81.94.192.10’, ‘81.94.192.147’, ‘84.49.242.125’, ‘97.90.44.200’) ) AND (created_at >= CURRENT_TIMESTAMP() – INTERVAL 30 DAY)]