Bitcoin Mining Detection
-
Hi all, may I know with recent issue with bitcoin mining getting more active, will there be any new patch or new component for Suricata to have this ability to detect these activities?
Seeking your opinion and advise.
-
It might just be a matter of enabling the bitcoin rules in snort_app-detect.rules.
Also you might want to blacklist these servers https://github.com/ZeroDot1/CoinBlockerLists/blob/master/MiningServerIPList.txt
-
I'm sorry for posting here but I'm looking for this new patch, did you find anything like that?
-
This post is deleted! -
@NogBadTheBad thank you for helping. You actually solved my issue.
-
@NogBadTheBad
link dead -
google is your best friend !
“This list contains all domains - A list for administrators to prevent mining in networks” - https://gitlab.com/ZeroDot1/CoinBlockerLists/raw/master/list.txt?inline=false
“This list contains all optional domains - An additional list for administrators” - https://gitlab.com/ZeroDot1/CoinBlockerLists/raw/master/list_optional.txt?inline=false
“This list contains all browser mining domains - A list to prevent browser mining only” - https://gitlab.com/ZeroDot1/CoinBlockerLists/raw/master/list_browser.txt?inline=false
“This list contains all IPs - A additional list for administrators to prevent mining in networks” - https://gitlab.com/ZeroDot1/CoinBlockerLists/raw/master/MiningServerIPList.txt?inline=false -
This post is deleted! -
https://zerodot1.gitlab.io/CoinBlockerLists/hosts
https://github.com/MISP/MISP/pull/5553
-
Hi all, did it solved the issue?
@NogBadTheBad said in Bitcoin Mining Detection:
It might just be a matter of enabling the bitcoin rules in snort_app-detect.rules.
Also you might want to blacklist these servers https://github.com/ZeroDot1/CoinBlockerLists/blob/master/MiningServerIPList.txt
-
@nbctcp That's veird that the link is dead. I worked for me a couple of days ago.
-
This post is deleted! -
Locking this. It's just attracting spam at a ridiculous rate.