Give the user the ability to enter custom lists of bad IP addresses for ThreatDB, like the ones included in bulletins like US CERT CISA.
1
votes
votes
approved
1
votes
votes
approved
Allow to search for lists of IP addresses
Have a way for the user to paste a list of IP addresses in a search window and get a search query automatically generated. The query should be like this:
[(clientIP IN (‘112.175.92.57’, ‘113.114.117.122’, ‘128.200.115.228’, ‘137.139.135.151’, ‘181.39.135.126’, ‘186.169.2.237’, ‘197.211.212.59’, ‘21.252.107.198’, ‘26.165.218.44’, ‘47.206.4.145’, ‘70.224.36.194’, ‘81.94.192.10’, ‘81.94.192.147’, ‘84.49.242.125’, ‘97.90.44.200’) OR serverIP IN (‘112.175.92.57’, ‘113.114.117.122’, ‘128.200.115.228’, ‘137.139.135.151’, ‘181.39.135.126’, ‘186.169.2.237’, ‘197.211.212.59’, ‘21.252.107.198’, ‘26.165.218.44’, ‘47.206.4.145’, ‘70.224.36.194’, ‘81.94.192.10’, ‘81.94.192.147’, ‘84.49.242.125’, ‘97.90.44.200’) OR senderHost IN (‘112.175.92.57’, ‘113.114.117.122’, ‘128.200.115.228’, ‘137.139.135.151’, ‘181.39.135.126’, ‘186.169.2.237’, ‘197.211.212.59’, ‘21.252.107.198’, ‘26.165.218.44’, ‘47.206.4.145’, ‘70.224.36.194’, ‘81.94.192.10’, ‘81.94.192.147’, ‘84.49.242.125’, ‘97.90.44.200’) ) AND (created_at >= CURRENT_TIMESTAMP() – INTERVAL 30 DAY)]