Https:// is a bit dead

It seems that GitHub - firehol/blocklist-ipsets: ipsets dynamically updated with firehol's script has been about a month since the site has been updated so the ip blocking lists used in threat shield are becoming increasingly ineffective.
Ideas, alternatives?

I guess you are not the only one with this question:

True. On the other hand FireHOL IP Lists | IP Blacklists | IP Blocklists | IP Reputation looks alive!?

1 Like

Hi @FIB_Denmark and welcome!

That raises the question with me how to validate the trustworthiness of such lists and all related measures.

Just food for thought.

That list is not uploaded to Nethsecurity.
If you put the link in the threat shield, you get a warning that it’s not a valid git repository.

Lists are updated at
You can fetch them individually by
or any filename.
Install firehol-tools.
Run update-scripts (–enable-all)

I would say that script and the site you point me to has major management problems: a lot of lists fail or are outdated, so I wouldn’t rely on it much.

On top of that, Nethserver’s Threat Shield only works with a git repository, from what I can see.

So I ended up making my own gir repo, with some lists updating themselves by taking them from various sources, formatting them properly, and cleaning them up from the private ip classes they many times contain.

1 Like

Most of these lists fail because their original maintainers either stopped the updates or moved on paid services. So in my case I just check the file’s date, find the newly added IPs and that’s all.

Sorry, I never saw that it was related to Nethserver.

Great work! I’m doing similar work on OSINT feeds, specifically on IPs. Do you plan to make your work public?

1 Like

This is really sad, I was very reliant on this feature. Any chance we can have the downloads come directly from the firehol website or someone find a new attacker IP complete feed to incorporate into the threatshield feature?

There are two forks of blocklist-ipsets that are currently maintained, but they do not manage the full lists (partly because many of the original lists either didn’t work or were no longer maintained or publicly accessible).

The lists of the two forks are updated quite frequently but are maintained amateurishly so they are taken “as is” without having to claim anything.

Please put an appreciation on the two repositories (click on the “star” button at the top right of the fork page :slight_smile: )


This rocks, thanks so much!

1 Like