Import external ip ban list
pmelchiori
Newbie ✭
Hi everyone, I need to import ad external IP Botnet list the problem is that for SonicWall the list is too long and the botnet dynamic list feature couldn't be used...
Is there another way to import the list? is there some trick to be used in these case?
thanks! 😊
Category: Firewall Security Services
0
This discussion has been closed.
Answers
How many lines is the list?
You may be able to use GEOIP to restrict countries that you know you won't communicate with and then remove entries from those countries in the list. It'd be a lot of work I imagine, unless you can script it out to do a dns query and then remove anything from those countries.
You might also check your list for duplicates and remove them if there are.
12170 lines: https://raw.githubusercontent.com/ktsaou/blocklist-ipsets/master/blocklist_de_ssh.ipset
Adding @Nevyaditha @shiprasahu93 @Saravanan @Poorni_5 for further visibility.
Thanks and Regards,
Sridevi G
Global Service Account Manager,Premier Services
wouldn't it make more sense to use an allow list and block all other IP Public addresses?
you could use the External Dynamic Address Object feature for this so the allow list can be updated easily from a list on an FTP server.
I couldn't because I've SSH access for external users (provided by public certs) 😓