 Noah VailSon made my AvatarPremium
join:2004-12-10
Lorton, VA
kudos:1
 ·Bright House
 ·Sprint Mobile Br..
1 edit | Live Malware Update Lists malc0de.com maintains a list of IPs tied to malware serving urls.
This version works in pfBlocker. I set it to Deny Both & daily update.
I checked the list out with this piece of fresh malware and found it's serving IP in the list.
.
.
.
EDIT: I added the lists to pfSense last night and ran into a couple of unexpected site blocks.
First was web.archive.org. Malc0de's entry is here. I guess archive.org has cached some malicious data.
Second is the IP 72.21.91.19; which is an edgecast address used for video streaming by break.com, wnd.com, brietbart, myspace and others.
Apparently a burner app from that IP was flagged last week, by ThreatExpert. TE has since pulled the report.
I whitelisted the 1st IP and sent a req to Malc0de to delist the 2nd.
Meanwhile, I'll keep evaluating the list.
--
Adopting other people's animosity is The New Stupid. |
