Adding rss validation
This commit is contained in:
parent
05364cdc3f
commit
50b6e49897
3
precommit-hooks/rss
Normal file
3
precommit-hooks/rss
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Implement https://cweiske.de/tagebuch/atom-validation.htm
|
@ -64,85 +64,4 @@
|
|||||||
</summary>
|
</summary>
|
||||||
</entry>
|
</entry>
|
||||||
|
|
||||||
<entry>
|
|
||||||
<title>Attack Flood from CN, BR, KZ, and DigitalOcean</title>
|
|
||||||
<link href="https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#attack-flood-2022-12-23"></link>
|
|
||||||
<updated>2022-12-23T18:19:59Z</updated>
|
|
||||||
<id>https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#attack-flood-2022-12-23</id>
|
|
||||||
<summary>
|
|
||||||
<p>Starting 2022/12/18, the AniNIX saw a rapid increase of threat traffic from subnets attributed to CN, BR, and KZ country codes -- this coincided with a concerted campaign being run from hosting provider DigitalOcean. While APT-style campaigns from CN are more or less expected, the large amount of traffic from DigitalOcean suggests the advent of a new campaign from that vendor. Other AniNIX users have reported similar attacks originating from DigitalOcean, but blocking the entire provider cuts off access to some local resources.</p>
|
|
||||||
<p>We are blocking the following subnets in response to this threat data: 8.213.129.0/24, 36.92.107.0/24, 43.157.15.0/24, 45.162.216.0/22, 46.101.128.0/17, 46.101.80.0/20, 61.177.0.0/16, 62.87.132.0/22, 64.227.0.0/17, 82.180.132.0/23, 85.152.0.0/17, 92.46.64.0/18, 159.223.0.0/16, and 218.92.0.0/16. If you have legitimate resources living in these spaces, we recommend hardening those resources and contacting us via Discord or IRC to receive an exception.</p>
|
|
||||||
</summary>
|
|
||||||
</entry>
|
|
||||||
|
|
||||||
<entry>
|
|
||||||
<title>78.128.113.166/32</title>
|
|
||||||
<link href="https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#78.128.113.166"></link>
|
|
||||||
<updated>2022-12-15T01:59:59Z</updated>
|
|
||||||
<id>https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#78.128.113.166</id>
|
|
||||||
<summary>
|
|
||||||
78.128.113.166/32 was detected using a variety of attacks against our 80/tcp/http listener for AniNIX/WebServer. Suricata detection rules classified the incoming threats as a variety of SQL injection methods and cross-site scripting. Total attack volume was 363.
|
|
||||||
</summary>
|
|
||||||
</entry>
|
|
||||||
|
|
||||||
<entry>
|
|
||||||
<title>141.98.9.24/32</title>
|
|
||||||
<link href="https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#141.98.9.24"></link>
|
|
||||||
<updated>2022-09-30T21:59:59Z</updated>
|
|
||||||
<id>https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#141.98.9.24</id>
|
|
||||||
<summary>
|
|
||||||
141.98.9.24/32 was detected using a variety of attacks against our 80/tcp/http listener for AniNIX/WebServer. Suricata detection rules classified the incoming threats as a variety of SQL queries by URI, including "Attempt To Access MSSQL xp_cmdshell Stored Procedure Via URI". Total attack volume was 184.
|
|
||||||
</summary>
|
|
||||||
</entry>
|
|
||||||
|
|
||||||
<entry>
|
|
||||||
<title>31.184.195.114/32</title>
|
|
||||||
<link href="https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#31.184.195.114"></link>
|
|
||||||
<updated>2022-09-30T21:59:59Z</updated>
|
|
||||||
<id>https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#31.184.195.114</id>
|
|
||||||
<summary>
|
|
||||||
31.184.195.114/32 was detected using a variety of attacks against our 80/tcp/http listener for AniNIX/WebServer. Suricata detection rules classified the incoming threats as attempted administrator gain, lwp-download, and CVE-2014-6271 exploits. Total attack volume was 254.
|
|
||||||
</summary>
|
|
||||||
</entry>
|
|
||||||
|
|
||||||
<entry>
|
|
||||||
<title>81.19.136.5/32</title>
|
|
||||||
<link href="https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#81.19.136.5"></link>
|
|
||||||
<updated>2022-09-30T21:59:59Z</updated>
|
|
||||||
<id>https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#81.19.136.5</id>
|
|
||||||
<summary>
|
|
||||||
81.19.136.5/32 was detected using web application attacks against our 80/tcp/http listener for AniNIX/WebServer. Suricata detection rules classified the incoming threats as a variety of SQL injection attacks. Total attack volume was 1079.
|
|
||||||
</summary>
|
|
||||||
</entry>
|
|
||||||
|
|
||||||
<entry>
|
|
||||||
<title>194.165.16.68/32</title>
|
|
||||||
<link href="https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#194.165.16.68"></link>
|
|
||||||
<updated>2022-09-30T21:59:59Z</updated>
|
|
||||||
<id>https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#194.165.16.68</id>
|
|
||||||
<summary>
|
|
||||||
194.165.16.68/32 was detected using web application attacks against our 80/tcp/http listener for AniNIX/WebServer. Suricata detection rules classified the incoming threats as a variety of SQL injection attacks. Total attack volume was 184.
|
|
||||||
</summary>
|
|
||||||
</entry>
|
|
||||||
|
|
||||||
<entry>
|
|
||||||
<title>91.191.209.54/32</title>
|
|
||||||
<link href="https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#91.191.209.54"></link>
|
|
||||||
<updated>2022-09-26T02:16:20Z</updated>
|
|
||||||
<id>https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#91.191.209.54</id>
|
|
||||||
<summary>
|
|
||||||
91.191.209.54/32 was detected using web application attacks against our 80/tcp/http listener for AniNIX/WebServer. Suricata detection rules classified the incoming threats as a variety of SQL injection attacks. Total attack volume was 1080.
|
|
||||||
</summary>
|
|
||||||
</entry>
|
|
||||||
|
|
||||||
<entry>
|
|
||||||
<title>194.165.17.9/32</title>
|
|
||||||
<link href="https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#194.165.17.9"></link>
|
|
||||||
<updated>2022-09-26T02:16:20Z</updated>
|
|
||||||
<id>https://aninix.net/AniNIX/Wiki/raw/branch/main/rss/osint.xml#194.165.17.9</id>
|
|
||||||
<summary>
|
|
||||||
194.165.17.9/32 was detected using web application attacks against our 80/tcp/http listener for AniNIX/WebServer. Suricata detection rules classified the incoming threats as a variety of SQL injection attacks. Total attack volume was 184.
|
|
||||||
</summary>
|
|
||||||
</entry>
|
|
||||||
|
|
||||||
</feed>
|
</feed>
|
||||||
|
Loading…
Reference in New Issue
Block a user