Document Existing Usage for abuse.ch
Opened this issue · 1 comments
zoomequipd commented
Contact Details
twitter.com/abuse_ch
What organization is using the sid range?
abuse.ch
SID Ranges
I was able to find the following ranges in use as of 2022-01-29
| Low End | High End | Url |
|---|---|---|
| 900505003 | 900507802 | https://feodotracker.abuse.ch/downloads/feodotracker.rules |
| 900605001 | 900607802 | https://feodotracker.abuse.ch/downloads/feodotracker_aggressive.rules |
| 902200000 | 902204616 | https://sslbl.abuse.ch/blacklist/sslblacklist.rules |
| 903200000 | 903204616 | https://sslbl.abuse.ch/blacklist/sslblacklist_tls_cert.rules |
| 904200000 | 904200022 | https://sslbl.abuse.ch/blacklist/sslipblacklist.rules |
| 905200000 | 905208077 | https://sslbl.abuse.ch/blacklist/sslipblacklist_aggressive.rules |
| 906200000 | 906200096 | https://sslbl.abuse.ch/blacklist/ja3_fingerprints.rules |
| 80864327 | 82877945 | https://urlhaus.abuse.ch/downloads/suricata-ids/ |
| 90162588 | 90315707 | https://threatfox.abuse.ch/downloads/threatfox_suricata.rules |
| 5012000 | 5012999 | Privately Used |
IDS Engine
- Snort
- Suricata
zoomequipd commented
Created the issue to start tracking the sid ranges in use. I am working with abuse.ch to further document and verify the sid ranges discovered. Once everything has been verified, I'll create a PR.