duggytuxy/Data-Shield_IPv4_Blocklist

GitHub: duggytuxy/Data-Shield_IPv4_Blocklist

Stars: 439 | Forks: 50

网站   •   问题追踪   •   SysWarden   •   Linkedin   •   TryHackMe   •   Ko-Fi


Support me on Ko-fi

![Alt](https://repobeats.axiom.co/api/embed/8ead3fb191fc45d23c0953782d4aee4901b85ded.svg "Repobeats analytics image") # Data‑Shield IPv4 Blocklist Community **Data-Shield IPv4 Blocklist Community** 提供了一个官方的、经过精心筛选的 IPv4 地址注册表,这些地址被识别为恶意地址。该资源持续更新,提供重要的威胁情报以增强您的 **Firewall** 和 **WAF** 实例,为您的基础设施提供强大的额外安全层。 ## 核心功能与优势 - **主动防御与减少攻击面** Data-Shield IPv4 Blocklist Community 作为您暴露资产(Web Apps, WordPress, Websites, VPS with Apache, Nginx)的重要保护层。通过尽早阻断恶意流量,它显著减少了侦查阶段,并降低了在 **Shodan** 等扫描器上的可见性。 - **高保真、集中化情报** 数据汇总自通过全球探测器反馈并经由自托管 HIDS/SIEM 栈处理的单一验证来源。我们优先考虑 **数据可靠性** 以最大限度地减少误报,确保您的合法流量不受干扰。 - **无缝兼容性与集成** 专为通用部署而设计: - **通用格式**:通过单个 RAW 链接轻松集成到大多数 Firewall 和 WAF 中。 - **供应商无关**:包含拆分列表逻辑,以适应对条目数量有严格限制的硬件供应商。 - **CTI 就绪**:完全可移植,用于 OpenCTI 和 MISP 等威胁情报平台的富化。 - **时效性与性能** - **更新**:每 **6 小时** 刷新一次,以应对即时威胁。 - **保留期**:**15 天** 的滚动窗口确保我们跟踪短寿命的恶意 IP,而不会用过时数据使您的规则集膨胀。 - **效率**:提供可与商业解决方案相媲美的企业级性能。 - **开源与社区驱动** 任何人都可以访问——从业余爱好者到企业管理员。该项目基于 [GNU GPLv3 license](/LICENSE) 骄傲地分发,培育了一个透明和协作的安全生态系统。 ## 核心目标与影响 - **大幅降低噪音与简化响应** 通过过滤掉大约 **95% 的恶意机器人流量**,我们将整体日志噪音减少了高达 **50%**。这显著提高了信噪比,允许 **Cybersecurity Incident Responders (CIRs)** 专注于真正的异常和关键警报,而不是筛选自动化的背景噪音。 - **优化资源消耗** 在边界阻断威胁可防止它们到达您的应用逻辑。这导致 **CPU、RAM 和带宽使用量** 的直接减少,为合法用户流量保留服务器资源并降低基础设施成本。 - **自动化、多渠道交付** 确保您的防御始终处于激活状态,无需人工干预。拦截列表通过高可用性网络(包括 **GitHub, JSdelivr CDN, BitBucket, Codeberg, 和 GitLab**)自动更新和分发,保证通过标准 Raw URLs 的可靠访问。 ## 生产列表 为了保证高可用性和弹性,Data-Shield IPv4 Blocklist Community 部署在强大的多云基础设施上。数据每 **6 小时** 在多个存储库和全球 CDN 之间同步一次。 - **我应该使用哪个列表?** - **完整列表**:推荐用于大多数现代 Firewall, WAFs, 和 SIEMs。 - **拆分列表 (A/B/C)**:专为旧式硬件或对每个对象有条目限制的供应商设计(例如,最多 30k IPs)。如果使用,请确保摄入所有 3 个部分。 #### GitHub 仓库 (镜像) | **Dataset Variant** | **Entry Cap** | **Raw Link** | | :--- | :---: | :--- | | **Full List** | ~100k IPs | [prod_data-shield_ipv4_blocklist.txt](https://raw.githubusercontent.com/duggytuxy/Data-Shield_IPv4_Blocklist/refs/heads/main/prod_data-shield_ipv4_blocklist.txt) | | Split List A | 30k IPs | [prod_aa_data-shield_ipv4_blocklist.txt](https://raw.githubusercontent.com/duggytuxy/Data-Shield_IPv4_Blocklist/refs/heads/main/prod_aa_data-shield_ipv4_blocklist.txt) | | Split List B | 30k IPs | [prod_ab_data-shield_ipv4_blocklist.txt](https://raw.githubusercontent.com/duggytuxy/Data-Shield_IPv4_Blocklist/refs/heads/main/prod_ab_data-shield_ipv4_blocklist.txt) | | Split List C | 30k IPs | [prod_ac_data-shield_ipv4_blocklist.txt](https://raw.githubusercontent.com/duggytuxy/Data-Shield_IPv4_Blocklist/refs/heads/main/prod_ac_data-shield_ipv4_blocklist.txt) | #### GitLab 仓库 (主源) | **Dataset Variant** | **Entry Cap** | **Raw Link** | | :--- | :---: | :--- | | **Full List** | ~100k IPs | [prod_data-shield_ipv4_blocklist.txt](https://gitlab.com/duggytuxy/Data-Shield-IPv4-Blocklist/-/raw/main/prod_data-shield_ipv4_blocklist.txt?ref_type=heads) | | Split List A | 30k IPs | [prod_aa_data-shield_ipv4_blocklist.txt](https://gitlab.com/duggytuxy/Data-Shield-IPv4-Blocklist/-/raw/main/prod_aa_data-shield_ipv4_blocklist.txt?ref_type=heads) | | Split List B | 30k IPs | [prod_ab_data-shield_ipv4_blocklist.txt](https://gitlab.com/duggytuxy/Data-Shield-IPv4-Blocklist/-/raw/main/prod_ab_data-shield_ipv4_blocklist.txt?ref_type=heads) | | Split List C | 30k IPs | [prod_ac_data-shield_ipv4_blocklist.txt](https://gitlab.com/duggytuxy/Data-Shield-IPv4-Blocklist/-/raw/main/prod_ac_data-shield_ipv4_blocklist.txt?ref_type=heads) | #### jsDelivr CDN (高性能) | **Dataset Variant** | **Entry Cap** | **Raw Link** | | :--- | :---: | :--- | | **Full List** | ~100k IPs | [prod_data-shield_ipv4_blocklist.txt](https://cdn.jsdelivr.net/gh/duggytuxy/Data-Shield_IPv4_Blocklist@refs/heads/main/prod_data-shield_ipv4_blocklist.txt) | | Split List A | 30k IPs | [prod_aa_data-shield_ipv4_blocklist.txt](https://cdn.jsdelivr.net/gh/duggytuxy/Data-Shield_IPv4_Blocklist@refs/heads/main/prod_aa_data-shield_ipv4_blocklist.txt) | | Split List B | 30k IPs | [prod_ab_data-shield_ipv4_blocklist.txt](https://cdn.jsdelivr.net/gh/duggytuxy/Data-Shield_IPv4_Blocklist@refs/heads/main/prod_ab_data-shield_ipv4_blocklist.txt) | | Split List C | 30k IPs | [prod_ac_data-shield_ipv4_blocklist.txt](https://cdn.jsdelivr.net/gh/duggytuxy/Data-Shield_IPv4_Blocklist@refs/heads/main/prod_ac_data-shield_ipv4_blocklist.txt) | #### BitBucket 仓库 (镜像) | **Dataset Variant** | **Entry Cap** | **Raw Link** | | :--- | :---: | :--- | | **Full List** | ~100k IPs | [prod_data-shield_ipv4_blocklist.txt](https://bitbucket.org/duggytuxy/data-shield-ipv4-blocklist/raw/HEAD/prod_data-shield_ipv4_blocklist.txt) | | Split List A | 30k IPs | [prod_aa_data-shield_ipv4_blocklist.txt](https://bitbucket.org/duggytuxy/data-shield-ipv4-blocklist/raw/HEAD/prod_aa_data-shield_ipv4_blocklist.txt) | | Split List B | 30k IPs | [prod_ab_data-shield_ipv4_blocklist.txt](https://bitbucket.org/duggytuxy/data-shield-ipv4-blocklist/raw/HEAD/prod_ab_data-shield_ipv4_blocklist.txt) | | Split List C | 30k IPs | [prod_ac_data-shield_ipv4_blocklist.txt](https://bitbucket.org/duggytuxy/data-shield-ipv4-blocklist/raw/HEAD/prod_ac_data-shield_ipv4_blocklist.txt) | #### Codeberg 仓库 (镜像) | **Dataset Variant** | **Entry Cap** | **Raw Link** | | :--- | :---: | :--- | | **Full List** | ~100k IPs | [prod_data-shield_ipv4_blocklist.txt](https://codeberg.org/duggytuxy21/Data-Shield_IPv4_Blocklist/raw/branch/main/prod_data-shield_ipv4_blocklist.txt) | | Split List A | 30k IPs | [prod_aa_data-shield_ipv4_blocklist.txt](https://codeberg.org/duggytuxy21/Data-Shield_IPv4_Blocklist/raw/branch/main/prod_aa_data-shield_ipv4_blocklist.txt) | | Split List B | 30k IPs | [prod_ab_data-shield_ipv4_blocklist.txt](https://codeberg.org/duggytuxy21/Data-Shield_IPv4_Blocklist/raw/branch/main/prod_ab_data-shield_ipv4_blocklist.txt) | | Split List C | 30k IPs | [prod_ac_data-shield_ipv4_blocklist.txt](https://codeberg.org/duggytuxy21/Data-Shield_IPv4_Blocklist/raw/branch/main/prod_ac_data-shield_ipv4_blocklist.txt) | ### 新生产列表 - **关键基础设施与专用列表** 专为中小企业 (SMB) 和企业环境量身定制,我们提供 **5 个专用列表**,专门设计用于保护高价值目标,如 **DMZs, 关键资产, 暴露的基础设施, 和 APIs**。这种扩展的覆盖范围提供了适合复杂环境的精细保护,确保您最敏感的组件保持安全。 #### GitHub 仓库 (镜像) | **Dataset Variant** | **Entry Cap** | **Raw Link** | | :--- | :---: | :--- | | **Full List** | ~100k IPs | [prod_critical_data-shield_ipv4_blocklist.txt](https://raw.githubusercontent.com/duggytuxy/Data-Shield_IPv4_Blocklist/refs/heads/main/prod_critical_data-shield_ipv4_blocklist.txt) | | Split List A | 30k IPs | [prod_critical_aa_data-shield_ipv4_blocklist.txt](https://raw.githubusercontent.com/duggytuxy/Data-Shield_IPv4_Blocklist/refs/heads/main/prod_critical_aa_data-shield_ipv4_blocklist.txt) | | Split List B | 30k IPs | [prod_critical_ab_data-shield_ipv4_blocklist.txt](https://raw.githubusercontent.com/duggytuxy/Data-Shield_IPv4_Blocklist/refs/heads/main/prod_critical_ab_data-shield_ipv4_blocklist.txt) | | Split List C | 30k IPs | [prod_critical_ac_data-shield_ipv4_blocklist.txt](https://raw.githubusercontent.com/duggytuxy/Data-Shield_IPv4_Blocklist/refs/heads/main/prod_critical_ac_data-shield_ipv4_blocklist.txt) | | Split List D | 30k IPs | [prod_critical_ad_data-shield_ipv4_blocklist.txt](https://raw.githubusercontent.com/duggytuxy/Data-Shield_IPv4_Blocklist/refs/heads/main/prod_critical_ad_data-shield_ipv4_blocklist.txt) | #### GitLab 仓库 (主源) | **Dataset Variant** | **Entry Cap** | **Raw Link** | | :--- | :---: | :--- | | **Full List** | ~100k IPs | [prod_critical_data-shield_ipv4_blocklist.txt](https://gitlab.com/duggytuxy/Data-Shield-IPv4-Blocklist/-/raw/main/prod_critical_data-shield_ipv4_blocklist.txt?ref_type=heads) | | Split List A | 30k IPs | [prod_critical_aa_data-shield_ipv4_blocklist.txt](https://gitlab.com/duggytuxy/Data-Shield-IPv4-Blocklist/-/raw/main/prod_critical_aa_data-shield_ipv4_blocklist.txt?ref_type=heads) | | Split List B | 30k IPs | [prod_critical_ab_data-shield_ipv4_blocklist.txt](https://gitlab.com/duggytuxy/Data-Shield-IPv4-Blocklist/-/raw/main/prod_critical_ab_data-shield_ipv4_blocklist.txt?ref_type=heads) | | Split List C | 30k IPs | [prod_critical_ac_data-shield_ipv4_blocklist.txt](https://gitlab.com/duggytuxy/Data-Shield-IPv4-Blocklist/-/raw/main/prod_critical_ac_data-shield_ipv4_blocklist.txt?ref_type=heads) | | Split List D | 30k IPs | [prod_critical_ad_data-shield_ipv4_blocklist.txt](https://gitlab.com/duggytuxy/Data-Shield-IPv4-Blocklist/-/raw/main/prod_critical_ad_data-shield_ipv4_blocklist.txt?ref_type=heads) | #### jsDelivr CDN (高性能) | **Dataset Variant** | **Entry Cap** | **Raw Link** | | :--- | :---: | :--- | | **Full List** | ~100k IPs | [prod_critical_data-shield_ipv4_blocklist.txt](https://cdn.jsdelivr.net/gh/duggytuxy/Data-Shield_IPv4_Blocklist@refs/heads/main/prod_critical_data-shield_ipv4_blocklist.txt) | | Split List A | 30k IPs | [prod_critical_aa_data-shield_ipv4_blocklist.txt](https://cdn.jsdelivr.net/gh/duggytuxy/Data-Shield_IPv4_Blocklist@refs/heads/main/prod_critical_aa_data-shield_ipv4_blocklist.txt) | | Split List B | 30k IPs | [prod_critical_ab_data-shield_ipv4_blocklist.txt](https://cdn.jsdelivr.net/gh/duggytuxy/Data-Shield_IPv4_Blocklist@refs/heads/main/prod_critical_ab_data-shield_ipv4_blocklist.txt) | | Split List C | 30k IPs | [prod_critical_ac_data-shield_ipv4_blocklist.txt](https://cdn.jsdelivr.net/gh/duggytuxy/Data-Shield_IPv4_Blocklist@refs/heads/main/prod_critical_ac_data-shield_ipv4_blocklist.txt) | | Split List D | 30k IPs | [prod_critical_ad_data-shield_ipv4_blocklist.txt](https://cdn.jsdelivr.net/gh/duggytuxy/Data-Shield_IPv4_Blocklist@refs/heads/main/prod_critical_ad_data-shield_ipv4_blocklist.txt) | #### BitBucket 仓库 (镜像) | **Dataset Variant** | **Entry Cap** | **Raw Link** | | :--- | :---: | :--- | | **Full List** | ~100k IPs | [prod_critical_data-shield_ipv4_blocklist.txt](https://bitbucket.org/duggytuxy/data-shield-ipv4-blocklist/raw/HEAD/prod_critical_data-shield_ipv4_blocklist.txt) | | Split List A | 30k IPs | [prod_critical_aa_data-shield_ipv4_blocklist.txt](https://bitbucket.org/duggytuxy/data-shield-ipv4-blocklist/raw/HEAD/prod_critical_aa_data-shield_ipv4_blocklist.txt) | | Split List B | 30k IPs | [prod_critical_ab_data-shield_ipv4_blocklist.txt](https://bitbucket.org/duggytuxy/data-shield-ipv4-blocklist/raw/HEAD/prod_critical_ab_data-shield_ipv4_blocklist.txt) | | Split List C | 30k IPs | [prod_critical_ac_data-shield_ipv4_blocklist.txt](https://bitbucket.org/duggytuxy/data-shield-ipv4-blocklist/raw/HEAD/prod_critical_ac_data-shield_ipv4_blocklist.txt) | | Split List D | 30k IPs | [prod_critical_ad_data-shield_ipv4_blocklist.txt](https://bitbucket.org/duggytuxy/data-shield-ipv4-blocklist/raw/HEAD/prod_critical_ad_data-shield_ipv4_blocklist.txt) | #### Codeberg 仓库 (镜像) | **Dataset Variant** | **Entry Cap** | **Raw Link** | | :--- | :---: | :--- | | **Full List** | ~100k IPs | [prod_critical_data-shield_ipv4_blocklist.txt](https://codeberg.org/duggytuxy21/Data-Shield_IPv4_Blocklist/raw/branch/main/prod_critical_data-shield_ipv4_blocklist.txt) | | Split List A | 30k IPs | [prod_critical_aa_data-shield_ipv4_blocklist.txt](https://codeberg.org/duggytuxy21/Data-Shield_IPv4_Blocklist/raw/branch/main/prod_critical_aa_data-shield_ipv4_blocklist.txt) | | Split List B | 30k IPs | [prod_critical_ab_data-shield_ipv4_blocklist.txt](https://codeberg.org/duggytuxy21/Data-Shield_IPv4_Blocklist/raw/branch/main/prod_critical_ab_data-shield_ipv4_blocklist.txt) | | Split List C | 30k IPs | [prod_critical_ac_data-shield_ipv4_blocklist.txt](https://codeberg.org/duggytuxy21/Data-Shield_IPv4_Blocklist/raw/branch/main/prod_critical_ac_data-shield_ipv4_blocklist.txt) | | Split List D | 30k IPs | [prod_critical_ad_data-shield_ipv4_blocklist.txt](https://codeberg.org/duggytuxy21/Data-Shield_IPv4_Blocklist/raw/branch/main/prod_critical_ad_data-shield_ipv4_blocklist.txt) | ## 集成教程 为了确保 Data-Shield IPv4 Blocklist Community 有效运行,至关重要的是在正确的流量方向上应用过滤规则。 ### 部署策略 ### 社区与供应商教程 一组非详尽的指南,旨在促进各种环境中的集成。 | **Vendor / Platform** | **Resource Type** | **Capacity Note** | | :--- | :---: | :---: | | **[BunkerWeb](https://docs.bunkerweb.io/latest/features/#__tabbed_8_1)** | Official Documentation | ≥ 100k IPs | | **[Fortinet](https://docs.fortinet.com/document/fortigate/7.4.9/administration-guide/379433/configuring-a-threat-feed#threat-ext)** | Official Guide | ≥ 100k IPs| **[Checkpoint](https://sc1.checkpoint.com/documents/R80.20SP/WebAdminGuides/EN/CP_R80.20SP_Maestro_AdminGuide/Topics-Maestro-AG/IP-Block-Feature.htm)** | Manufacturer's Guide | *TBC* | | **[Palo Alto](https://docs.paloaltonetworks.com/network-security/security-policy/administration/objects/external-dynamic-lists/configure-the-firewall-to-access-an-external-dynamic-list#configure-the-firewall-to-access-an-external-dynamic-list-panorama)** | EDL Overview | *TBC* | | **[F5 BIG-IP](https://my.f5.com/manage/s/article/K10978895)** | Official Guide | *TBC* | | **[Stormshield](https://www.youtube.com/watch?v=yT2oas7M2UM)** | Official Video | *TBC* | | **[OPNsense](https://slash-root.fr/opnsense-block-malicious-ips/)** | Slash-Root Guide | ≥ 100k IPs | | **[Synology NAS](https://myownserver.org/posts/Automatiser_la_liste_de_blocage.html)** | MyOwnServer Guide | ≥ 100k IPs | ## GRC 与合规 - **治理与运营效率** 该解决方案将运营噪音减少了高达 **50%**,并拦截了 **95%** 的恶意机器人流量,显着释放了服务器资源(CPU, RAM)。它执行严格的 **WAN-to-LAN configuration** 以保证系统有效性,同时提供 5 个官方列表(高达 120,000 IPs)以适应硬件限制。 - **法规一致性 (ISO 27001 & NIS2)** 集成直接支持 **ISO 27001:2022** 控制措施(A.8.20 网络安全, A.5.7 威胁情报),通过自动化针对已知攻击的边界防御。它还通过提供结构化风险管理和相称的技术措施以确保服务弹性,从而满足 **NIS2 Directive** 对基本实体的要求。 - **GDPR & Privacy Standards** 当正确配置(仅 WAN-to-LAN)时,拦截列表在 **GDPR 范围之外** 运行,因为被拦截的 IP 属于与您的组织没有合同关系的外部恶意行为者。这确保了合规友好的集成,无需复杂的个人数据处理文档。 - **风险管理与可靠性** 我们采用严格的行为分析方法来最大限度地减少误报,目标速率低于 **每月 2 次**。高可用性通过 4 个独立下载源(GitHub, BitBucket, Codeberg, GitLab)得到保证,确保即使在主机发生事故期间也能提供持续保护。 - **结构化部署与社区反馈** 采用遵循安全的分阶段方法——从 **观察**(仅日志)到 **激活**——确保关键流程无倒退。该项目通过 GitHub 提供报告误报的清晰流程,促进透明度,旨在集体改进并在 48 小时内解决。 ## 路线图 | Objective | Target Date | | :--- | :---: | | ~~Fail2ban Integration~~ | Q1 2026 | | ~~Global Threat Map~~ | Q2 2026 | | API v2 | Q3 2026 | ## 支持与可持续性 * ☕ **Ko-Fi:** [https://ko-fi.com/laurentmduggytuxy](https://ko-fi.com/laurentmduggytuxy) ## 许可证与版权 - **Data-Shield IPv4 Blocklist Community** © 2023–2026 - 由 **Duggy Tuxy (Laurent Minne)** 开发。 "This project is open-source software licensed under the **[GNU GPLv3 License](/LICENSE)**."
标签:Beacon Object File, CISA项目, IPv4黑名单, IP信誉, IP 地址批量处理, IP封锁, SysWarden, WAF, 入侵防御, 威胁情报, 子域枚举, 安全列表, 密码管理, 开发者工具, 恶意IP, 恶意地址, 情报源, 攻击防御, 网络安全, 网络安全研究, 网络拦截, 网络流量过滤, 防火墙, 隐私保护, 黑名单社区