forked from stevecheckoway/ucsddissertation
-
Notifications
You must be signed in to change notification settings - Fork 0
/
datadef.tex
104 lines (81 loc) · 2.54 KB
/
datadef.tex
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
\def\numallfeeds{XXX}
\def\numipfeeds{47}
\def\numhashfeeds{8}
% Scan feeds
\def\feedTSAlienVault{PA AlienVault IPs}
\def\feeddshield{DShield IPs}
\def\feedetiprep{Paid IP Reputation}
\def\feedpacketmail{Packetmail IPs}
\def\feedTSramnode{PA Packetmail ramnode}
\def\feedTSLabScan{PA Lab Scan}
\def\feedTSSnort{PA Snort BlockList}
\def\feedTSAnalyst{PA Analyst}
% Bot feeds
\def\feedTSCI{PA CI Army}
\def\feedTSBotscout{PA Botscout IPs}
\def\feedTSVoIP{PA VoIP Blacklist}
\def\feedTSCompr{PA Compromised IPs}
\def\feedTSBots{PA Blocklist Bots}
\def\feedTSHoneypot{PA Project Honeypot}
% Brute-force feeds
\def\feedbadipssh{Badips SSH}
\def\feedbadipbot{Badips Badbots}
\def\feedTSBrute{PA Brute-Force}
\def\feedusername{Badips Username Notfound}
\def\feeddisco{Haley SSH}
\def\feednothink{Nothink SSH}
\def\feeddangerrule{Dangerrulez Brute}
\def\feedTSScopVoIP{PA ScopServ VoIPBL}
% Malwre feeds
\def\feedfeodo{Feodo IP Blacklist}
\def\feedTSLabMalware{PA Lab Malware}
\def\feedmalcode{Malc0de IP Blacklist}
\def\feedTSBambenek{PA Bambenek C2 IPs}
\def\feedTSSSL{PA SSL Malware IPs}
\def\feedTSAbusech{PA Abuse.ch Ransomware}
\def\feedTSMalTraffic{PA Mal-Traffic-Anal}
\def\feedzeus{Zeus IP Blacklist}
% Exploit feeds
\def\feedbadiphttp{Badips HTTP}
\def\feedbadipftp{Badips FTP}
\def\feedbadiprfi{Badips RFI}
\def\feedbadipdns{Badips DNS}
\def\feedbadipsql{Badips SQL}
% Spam feeds
\def\feedbadippostfix{Badips Postfix}
\def\feedbadipspam{Badips Spam}
\def\feedFBBasecamp{FB Aggregator$_1$}
\def\feedFBZendesk{FB Aggregator$_2$}
\def\feedFBAdmin{FB Malicious IPs}
\def\feedalienvault{Alienvault IP Reputation}
% Malware md5 hash feed.
\def\feedTSOSINT{PA OSINT}
\def\feedTSmalcode{PA Malc0de}
\def\feedTSMobile{PA Mobile Malware}
\def\feedTSRAT{PA RAT Hunter}
\def\feedTSBackdoor{PA Backdoor \& RAT}
% Definition of feed name
\def\spamhausdrop{Spamhaus DROP}
\def\spamhausedrop{Spamhaus EDROP}
\def\dshieldtop{DShield Top Blacklist}
\def\ciarmy{CI Army Blacklist}
\def\etcompromised{ET Compromised}
\def\snortfilter{Snort IP Filter List}
\def\bdsatif{BDS IP Ban List}
\def\feodo{Feodo IP Blacklist}
\def\ettor{Tor IP Blacklist}
\def\blocklistde{Blocklist De Blacklist}
% Definition of reflector
\def\reflector{reflector}
\def\Reflector{Reflector}
% Definition of reflector plural
\def\reflectors{reflectors}
\def\Reflectors{Reflectors}
% Definition of reflector capitalized
\def\reflectorcap{Reflector}
% Definition of reflector count
\def\reflcount{222,782}
% Definition of reflector rough number
\def\reflroughnum{220K}
% Definition of blacklist number
\def\blacklistnum{9}