osquery might be a bit more popular than AbuseIPDB. We know about 18 links to it since March 2021 and only 13 links to AbuseIPDB. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.
The largest we have successfully deployed is on the OSQuery schema https://osquery.io/ which is 277 tables and lots of business context (malwares, vulnerabilities, Windows registry keys, etc). - Source: Hacker News / 4 months ago
From a self hosted standpoint OSQuery or Wazuh are your best bets for monitoring USB devices. Windows makes blocking really challenging and I’m not aware of any “free” solutions that attempt it. Source: about 1 year ago
Configure auditd to monitor host activity: https://izyknows.medium.com/linux-auditd-for-threat-detection-d06c8b941505 or osquery: https://osquery.io/ (or similar software: filebeat for example). Source: about 1 year ago
OS Query : Easily ask questions about your Linux, Windows, and macOS infrastructure. - Source: dev.to / over 1 year ago
Osquery + Fleet. https://osquery.io/ https://fleetdm.com/, using the two allows you to build a query to answer what ever questions you (or an auditor) might have about your environment. Source: over 1 year ago
Origin server only shows Cloudflare IP's so I decided to add this UA to my WAF with a Managed Challenge. After roughly 30 minutes and almost 100 hits on it CSR was 0%. Looking at the CF logs for the specific WAF shows IP's and locations from everywhere(US, UK, India, China, Nigeria, etc) and when I check IP's at abuseipdb.com they're all clean but none of them seem to get through the managed challenge. I removed... Source: 9 months ago
Switched to Maspik Anti-Spam, with a manually curated list of keywords, and integration with abuseipdb.com and proxycheck.io. But both of those were also causing false positives, especially from my co-worker who uses a virtual machine, so upped the tolerance to 70 on both. Source: about 1 year ago
This install of Docker is only a few days old. Most of the IPs associated are showing "banned" on abuseipdb.com. Source: about 1 year ago
People build lists like OP is all the time, have you seen https://abuseipdb.com/? Source: about 1 year ago
To keep your Synology safe, regularly update list of blocked ip addresses. I'm using this script, which takes list of ip addresses from blocklist.de and abuseipdb.com and add them to my block list. I keep them blocked forever. Source: about 1 year ago
Tripwire - Open Source Tripwire software is a security and data integrity tool useful for monitoring and...
URLscan.io - urlscan.io is a free service to scan and analyse websites. When a URL is submitted to urlscan.io, an automated process will browse to the URL like a regular user and record the activity that this page navigation creates.
Ossec - OSSEC is an Open Source Host-based Intrusion Detection System.
Metadefender - Metadefender, by OPSWAT, allows you to quickly multi-scan your files for malware using 43 antivirus...
AIDE - AIDE (Advanced Intrusion Detection Environment) is a file and directory integrity checker.
VirusTotal - VirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick...