Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Brute Force Auth Attacks ʕ•́ᴥ•̀ʔっ (List of Malicious IP addresses provided)

    Scheduled Pinned Locked Moved General pfSense Questions
    6 Posts 4 Posters 710 Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • AKEGECA Offline
      AKEGEC
      last edited by AKEGEC

      Many of my clients got brute force attacks these few weeks from below ip addresses (range). Use Snort IDS IPS with your pfsense if you can.

      If you have fallen victim to cybercrime in Europe, report here:
      https://www.europol.europa.eu/report-a-crime/report-cybercrime-online

      145.249.104.0/22 
      194.156.207.0/24 
      196.16.0.0/14
      196.16.0.0/14 
      41.216.186.0/24 
      45.129.33.0/24 
      5.8.18.0/24 
      80.82.64.0/24 
      80.82.65.0/24 
      80.82.66.0/24 
      80.82.67.0/24 
      80.82.68.0/24 
      80.82.69.0/24 
      80.82.70.0/24 
      80.82.76.0/24 
      80.82.77.0/24 
      80.82.78.0/24 
      80.82.79.0/24 
      89.248.160.0/24 
      89.248.161.0/24 
      89.248.162.0/24 
      89.248.163.0/24 
      89.248.164.0/24 
      89.248.165.0/24 
      89.248.166.0/24 
      89.248.167.0/24 
      89.248.168.0/24 
      89.248.169.0/24 
      89.248.170.0/24 
      89.248.171.0/24 
      89.248.172.0/24 
      89.248.173.0/24 
      89.248.174.0/24 
      93.174.88.0/24 
      93.174.89.0/24 
      93.174.90.0/24 
      93.174.91.0/24 
      93.174.92.0/24 
      93.174.93.0/24 
      93.174.94.0/24 
      93.174.95.0/24 
      94.102.48.0/24 
      94.102.49.0/24 
      94.102.50.0/24 
      94.102.51.0/24 
      94.102.52.0/24 
      94.102.53.0/24 
      94.102.54.0/24 
      94.102.55.0/24 
      94.102.56.0/24 
      94.102.57.0/24 
      94.102.58.0/24 
      94.102.59.0/24 
      94.102.60.0/24 
      94.102.61.0/24 
      94.102.62.0/24 
      94.102.63.0/24 
      
      2a02:6c8:8000::/33
      2a00:55a0:12::/48
      2a00:55a0:13::/48
      2a0b:b7c4::/30
      

      Edited: List of Malicious IP addresses provided

      1 Reply Last reply Reply Quote 0
      • AKEGECA Offline
        AKEGEC
        last edited by

        103.145.12.0/24 
        103.145.13.0/24 
        185.53.88.0/24 
        185.53.91.0/24 
        37.49.224.0/24 
        37.49.225.0/24 
        37.49.226.0/24 
        37.49.227.0/24 
        37.49.228.0/24 
        37.49.229.0/24 
        37.49.230.0/24 
        45.143.220.0/24 
        45.143.221.0/24 
        45.143.222.0/24 
        45.143.223.0/24 
        77.247.108.0/24 
        77.247.111.0/24 
        80.94.93.0/24 
        
        2a0d:a740::/48 
        2a0d:a740:1::/48 
        2a0d:a740:2::/48 
        
        160.116.108.0/22 
        160.116.120.0/22 
        160.116.132.0/22 
        160.116.144.0/22 
        160.116.156.0/22 
        160.116.16.0/22 
        160.116.168.0/22 
        160.116.180.0/22 
        160.116.192.0/22 
        160.116.200.0/22 
        160.116.212.0/22 
        160.116.221.0/24 
        160.116.222.0/23 
        160.116.236.0/22 
        160.116.24.0/22 
        160.116.240.0/22 
        160.116.244.0/22 
        160.116.248.0/22 
        160.116.36.0/22 
        160.116.48.0/22 
        160.116.60.0/22 
        160.116.68.0/22 
        160.116.72.0/22 
        160.116.76.0/22 
        160.116.80.0/22 
        160.116.84.0/22 
        160.116.88.0/22 
        160.116.92.0/22 
        160.116.96.0/22 
        163.198.0.0/22 
        163.198.100.0/22 
        163.198.104.0/22 
        163.198.108.0/22 
        163.198.112.0/22 
        163.198.116.0/22 
        163.198.12.0/22 
        163.198.120.0/22 
        163.198.124.0/22 
        163.198.128.0/22 
        163.198.132.0/22 
        163.198.136.0/22 
        163.198.140.0/22 
        163.198.144.0/22 
        163.198.148.0/22 
        163.198.152.0/22 
        163.198.156.0/22 
        163.198.16.0/22 
        163.198.160.0/22 
        163.198.164.0/22 
        163.198.168.0/22 
        163.198.172.0/22 
        163.198.176.0/22 
        163.198.180.0/22 
        163.198.184.0/22 
        163.198.188.0/22 
        163.198.192.0/22 
        163.198.196.0/22 
        163.198.20.0/22 
        163.198.200.0/22 
        163.198.204.0/22 
        163.198.208.0/22 
        163.198.220.0/22 
        163.198.224.0/22 
        163.198.228.0/22 
        163.198.232.0/22 
        163.198.236.0/22 
        163.198.24.0/22 
        163.198.240.0/22 
        163.198.244.0/22 
        163.198.248.0/22 
        163.198.28.0/22 
        163.198.32.0/22 
        163.198.36.0/22 
        163.198.4.0/22 
        163.198.40.0/22 
        163.198.44.0/22 
        163.198.48.0/22 
        163.198.52.0/22 
        163.198.56.0/22 
        163.198.60.0/22 
        163.198.64.0/22 
        163.198.68.0/22 
        163.198.72.0/22 
        163.198.76.0/22 
        163.198.8.0/22 
        163.198.80.0/22 
        163.198.84.0/22 
        163.198.88.0/22 
        163.198.92.0/22 
        163.198.96.0/22 
        168.80.108.0/22 
        168.80.112.0/22 
        168.80.124.0/22 
        168.80.128.0/22 
        168.80.136.0/22 
        168.80.140.0/22 
        168.80.144.0/22 
        168.80.152.0/22 
        168.80.156.0/22 
        168.80.160.0/22 
        168.80.176.0/22 
        168.80.184.0/22 
        168.80.188.0/22 
        168.80.192.0/22 
        168.80.200.0/22 
        168.80.204.0/22 
        168.80.208.0/22 
        168.80.216.0/22 
        168.80.224.0/22 
        168.80.236.0/22 
        168.80.28.0/23 
        168.80.3.0/24 
        168.80.30.0/23 
        168.80.32.0/22 
        168.80.41.0/24 
        168.80.42.0/24 
        168.80.43.0/24 
        168.80.44.0/23 
        168.80.46.0/23 
        168.80.48.0/22 
        168.80.57.0/24 
        168.80.58.0/23 
        168.80.60.0/22 
        168.80.64.0/22 
        168.80.76.0/22 
        168.80.80.0/22 
        168.80.88.0/22 
        168.80.92.0/22 
        168.80.96.0/22 
        168.81.104.0/22 
        168.81.108.0/22 
        168.81.112.0/22 
        168.81.120.0/22 
        168.81.124.0/22 
        168.81.128.0/22 
        168.81.13.0/24 
        168.81.134.0/23 
        168.81.136.0/22 
        168.81.14.0/24 
        168.81.140.0/22 
        168.81.144.0/22 
        168.81.152.0/22 
        168.81.156.0/22 
        168.81.16.0/22 
        168.81.160.0/22 
        168.81.168.0/22 
        168.81.172.0/22 
        168.81.176.0/22 
        168.81.184.0/23 
        168.81.186.0/24 
        168.81.187.0/24 
        168.81.192.0/22 
        168.81.208.0/24 
        168.81.209.0/24 
        168.81.210.0/24 
        168.81.211.0/24 
        168.81.232.0/22 
        168.81.24.0/22 
        168.81.240.0/22 
        168.81.252.0/24 
        168.81.253.0/24 
        168.81.254.0/24 
        168.81.28.0/22 
        168.81.32.0/22 
        168.81.48.0/22 
        168.81.64.0/22 
        168.81.76.0/22 
        168.81.8.0/22 
        168.81.80.0/22 
        168.81.88.0/22 
        168.81.92.0/24 
        168.81.93.0/24 
        168.81.94.0/24 
        168.81.95.0/24 
        168.81.96.0/22 
        185.39.8.0/22 
        196.15.104.0/22 
        196.15.108.0/22 
        196.15.112.0/22 
        196.15.116.0/22 
        196.15.120.0/22 
        196.15.124.0/22 
        
        
        2a00:55a0:10::/48 
        2a00:55a0:5::/48 
        2a04:7a40::/29
        
        77.72.83.18/24
        80.82.64.33/24
        80.82.67.39/24
        80.82.67.48/24
        80.82.69.236/24
        80.82.77.3/24
        80.82.77.39/24
        80.82.78.53/24
        80.82.78.6/24
        89.248.160.252/24
        89.248.162.130/32
        89.248.168.37/24
        89.248.168.196/24
        89.248.171.2/24
        89.248.171.57/24
        89.248.172.74/24
        89.248.174.215/24
        89.248.174.253/24
        89.248.172.9/24
        93.174.88.25/24
        93.174.89.146/24
        93.174.89.83/24
        93.174.93.133/24
        93.174.93.219/24
        93.174.94.142/24
        94.102.48.195/24
        94.102.51.18/24
        94.102.51.226/24
        94.102.52.22/24
        94.102.52.26/24
        94.102.52.71/24
        94.102.54.103/24
        94.102.54.118/24
        94.102.54.98/24
        94.102.59.120/24
        94.102.60.132/24
        94.102.60.173/24
        145.249.105.71/24
        185.216.140.49/24
        185.56.82.30/24
        94.102.51.28/24
        61.52.187.58/24
        94.102.49.191/24
        91.229.112.17/24
        88.214.24.77/24
        83.97.20.249/24
        51.161.12.231/24
        195.54.161.122/24
        194.26.25.102/24
        193.27.229.207/24
        168.232.128.5/24
        167.71.153.60/24
        167.248.133.22/24
        165.227.171.142/24
        122.142.156.61/24
        116.255.198.57/24
        
        2a02:6c8:8000::/33
        
        noplanN 1 Reply Last reply Reply Quote 0
        • noplanN Offline
          noplan @AKEGEC
          last edited by

          Can anyone verify this? ;)

          Has someone one a cross ref against the pfb lists
          Justsaying

          AKEGECA 1 Reply Last reply Reply Quote 0
          • AKEGECA Offline
            AKEGEC @noplan
            last edited by

            @noplan said in Brute Force Auth Attacks ʕ•́ᴥ•̀ʔっ (List of Malicious IP addresses provided):

            Can anyone verify this? ;)

            Has someone one a cross ref against the pfb lists
            Justsaying

            For peeters sake, don't use this information if you don't want too. That's your right. See your comment, it seems you don't use any of these ip addresses anyway right?

            1 Reply Last reply Reply Quote 1
            • stephenw10S Offline
              stephenw10 Netgate Administrator
              last edited by

              If you host those lists somewhere public then people can just use them as url aliases directly or via pfBlocker.
              Of course that does imply trust in whom ever is hosting them...

              Steve

              1 Reply Last reply Reply Quote 0
              • I Offline
                Impatient
                last edited by Impatient

                Some are in this list [https://reputation.alienvault.com/reputation.generic] which I use
                as an URL Table (IPs) Alias.

                If I had more bandwidth I would offer to host them.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.