ScorpionSting Absent Member.
Absent Member.
1869 views

Abuse.ch offline.....again

Yet again, feeds are offline.

No explanation, but he knows it is....

https://twitter.com/norcnakvadrat/status/1060137144478588929

Visit my Website for links to Cool Solution articles.
0 Likes
10 Replies
AutomaticReply Absent Member.
Absent Member.

Re: Abuse.ch offline.....again

ScorpionSting,

It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.

These forums are peer-to-peer, best effort, volunteer run and that if your issue
is urgent or not getting a response, you might try one of the following options:

- Visit https://www.microfocus.com/support-and-services and search the knowledgebase and/or check
all the other self support options and support programs available.
- Open a service request: https://www.microfocus.com/support
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://forums.microfocus.com)
- You might consider hiring a local partner to assist you.
https://www.partnernetprogram.com/partnerfinder/find.html

Be sure to read the forum FAQ about what to expect in the way of responses:
http://forums.microfocus.com/faq.php

Sometimes this automatic posting will alert someone that can respond.

If this is a reply to a duplicate posting or otherwise posted in error, please
ignore and accept our apologies and rest assured we will issue a stern reprimand
to our posting bot.

Good luck!

Your Micro Focus Forums Team
http://forums.microfocus.com



0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: Abuse.ch offline.....again

He says the two feeds should be back online (as of 3 days ago), but alas no....

https://twitter.com/abuse_ch/status/1061175635329060865

Visit my Website for links to Cool Solution articles.
0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: Abuse.ch offline.....again

ScorpionSting;2490595 wrote:
He says the two feeds should be back online (as of 3 days ago), but alas no....

https://twitter.com/abuse_ch/status/1061175635329060865


I emailed, and got a response from, Roman and he's confirmed the backend is currently offline...

NetIQ either need to support integrations they apply to the product or reconsider which integrations they do.

Visit my Website for links to Cool Solution articles.
0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: Abuse.ch offline.....again

ScorpionSting;2490595 wrote:
He says the two feeds should be back online (as of 3 days ago), but alas no....

https://twitter.com/abuse_ch/status/1061175635329060865



https://twitter.com/abuse_ch/status/1062667706661515264


SSLBL / SinkDB Update: I'm sorry to tell you guys that the said services (incl. the Feodo Tracker blacklist) will be down until at least Monday, Nov 19th 2018. The reason for the outage is a failed Debian dist upgrade on the backend server. Sorry for any inconvinience.

Visit my Website for links to Cool Solution articles.
0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: Abuse.ch offline.....again

So,


SSBL is dead, long live SSLBL!

I'm working on a new version of SSLBL and plan to publish it in the coming 2 weeks (the good news is: it will include a JA3 blacklist, yay!). SinkDB will not come back online before Feb 19.

Sorry for any inconvenience caused.
[/URL]


This means you should probably disable the following Threat Intelligence Sources:


  • Abuse.ch SSL Blacklist
  • Abuse.ch Dyre SSL Blacklist

Visit my Website for links to Cool Solution articles.
0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: Abuse.ch offline.....again

ScorpionSting;2491900 wrote:
So,



This means you should probably disable the following Threat Intelligence Sources:


  • Abuse.ch SSL Blacklist
  • Abuse.ch Dyre SSL Blacklist



So, SSL is back:



Normal: https://sslbl.abuse.ch/blacklist/sslipblacklist.txt
Aggressive: https://sslbl.abuse.ch/blacklist/sslipblacklist_aggressive.txt

Visit my Website for links to Cool Solution articles.
0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: Abuse.ch offline.....again

There have been more changes at Abuse.ch.

The default Abuse.ch Feodo Tracker URL is https://feodotracker.abuse.ch/blocklist/?download=ipblocklist which no longer produces the list, this needs to be changed to https://feodotracker.abuse.ch/downloads/ipblocklist.txt

Visit my Website for links to Cool Solution articles.
0 Likes
davidkrotil Super Contributor.
Super Contributor.

Re: Abuse.ch offline.....again

I have change it , but still getting error

Saving object ThreatFeed but attribute Score is required and null: ThreatFeed: LastUpdate='1549706700029' ThreatType='botnets' Priority='1' SourceType='URL' DateCreated='1533644816817' ShortName='Feodo' Count='425' Hash='994ad9ffb43c7a25fc4ac11621bd7e0c76ec445744a0616bc843f988b908c930' ModifiedBy='107' Source='https://feodotracker.abuse.ch/downloads/ipblocklist.txt' Name='Abuse.ch Feodo Tracker' Format='IPSIMPLELIST' Id='4B5466F0-14B9-1031-B846-005056A70240' DateModified='1549706700196' Lastrun='1549706700029'
0 Likes
davidkrotil Super Contributor.
Super Contributor.

Re: Abuse.ch offline.....again

Need to be set ->
Source reputation score:
0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: Abuse.ch offline.....again

davidkrotil;2495057 wrote:
Need to be set ->
Source reputation score:


Interesting, mine is null and works fine.

Visit my Website for links to Cool Solution articles.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.