OPNsense Forum
English Forums => General Discussion => Topic started by: erialor on June 11, 2019, 05:47:49 pm
-
Didn't find a recent list of Shodan IPs, so I decided to make my own from my logs....
I use it as an alias (URL Table IPs) and an IPv4 block rule on my wan.
Free for any that want to use it: https://www.vlh.dk/shodan.txt
Last update was einstein.census.shodan.io which started connecting this morning.
If you have any other Shodan IPs, feel free to reply - and I'll add those to the list :)
-
Hi,
the link is'nt active any more....
Is there an alternative?
-
The list is back again:
https://www.vlh.dk/shodan.txt
Meanwhile I researched a bit and found these IP adresses:
You can copy-paste that code into an IP-Alias:
98.143.148.107,155.94.254.133,155.94.254.143,155.94.222.12,98.143.148.135,104.131.0.69,104.236.198.48,159.203.176.62,162.159.244.38,185.142.236.34,185.142.236.35,185.163.109.66,185.181.102.18,188.138.1.119,188.138.9.50,198.20.69.74,198.20.69.98,198.20.70.114,198.20.87.98,198.20.99.130,208.180.20.97,209.126.110.38,216.117.2.180,66.240.192.138,66.240.219.146,66.240.236.119,71.6.135.131,71.6.146.130,71.6.146.185,71.6.146.186,71.6.147.254,71.6.158.166,71.6.165.200,71.6.167.142,71.6.199.23,80.82.77.139,80.82.77.33,82.221.105.6,82.221.105.7,85.25.103.50,85.25.43.94,89.248.167.131,89.248.172.16,93.120.27.62,93.174.95.106,94.102.49.190,94.102.49.193
In that list are some more IP-adresses.....
Readable format:
98.143.148.107
155.94.254.133
155.94.254.143
155.94.222.12
98.143.148.135
104.131.0.69
104.236.198.48
159.203.176.62
162.159.244.38
185.142.236.34
185.142.236.35
185.163.109.66
185.181.102.18
188.138.1.119
188.138.9.50
198.20.69.74
198.20.69.98
198.20.70.114
198.20.87.98
198.20.99.130
208.180.20.97
209.126.110.38
216.117.2.180
66.240.192.138
66.240.219.146
66.240.236.119
71.6.135.131
71.6.146.130
71.6.146.185
71.6.146.186
71.6.147.254
71.6.158.166
71.6.165.200
71.6.167.142
71.6.199.23
80.82.77.139
80.82.77.33
82.221.105.6
82.221.105.7
85.25.103.50
85.25.43.94
89.248.167.131
89.248.172.16
93.120.27.62
93.174.95.106
94.102.49.190
94.102.49.193
-
I just noticed my first IPv6-shodan host....
Aug 30 08:01:51 mail.vlh.dk postfix/smtps/smtpd warning: hostname editor.census.shodan.io does not resolve to address 2604:a880:2:d0::978:7001: No address associated with hostname
Was wondering how I would add that to the list?
Simply change to IPv4+IPv6 for the rule and add 2604:a880:2:d0::978:7001:?
Or do I need to format it in some specific way? (and can I mix IPv4 and IPv6 in one list?)
-
I removed/stopped serving the blocklist, haven't seen changes/additions for quite sometime, and are now using a host-alias instead; with the following hosts:
188.138.1.119
208.180.20.97
198.20.69.74
198.20.69.98
198.20.70.114
198.20.99.130
93.120.27.62
66.240.236.119
71.6.135.131
66.240.192.138
71.6.167.142
82.221.105.6
82.221.105.7
71.6.165.200
188.138.9.50
85.25.103.50
85.25.43.94
71.6.146.185
71.6.158.166
198.20.87.98
66.240.219.146
209.126.110.38
104.236.198.48
104.131.0.69
162.159.244.38
93.174.95.106
94.102.49.193
80.82.77.139
94.102.49.190
185.163.109.66
89.248.172.16
71.6.146.186
89.248.167.131
159.203.176.62
185.181.102.18
80.82.77.33
216.117.2.180
71.6.199.23
185.142.236.34
185.165.190.34
185.142.236.35
71.6.146.130
71.6.147.254
185.165.190.17
195.144.21.56
2604:a880:2:d0::978:7001