Herd immunity / adding to greylist
Forum
Toggle Submenu
  1. Forums
  2. Recent
  3. Tags
Add a reply View Replies (4)
  1. Forums
  2. Imunify360
  3. Imunify360 and Imunify Sensor

Resolved Herd immunity / adding to greylist

  1. Ray Baron
    Ray Baron
  2. Sunday, 25 June 2017
  3.  Subscribe via email
Another forum thread included this response from Cloudlinux:

"As of the current version, we do not let users adding graylist entries manually (only removing is possible)."

Two questions:

Where do you get the IPs in the greylist? Herd immunity implies there is a master source of abuse IPs. I use a couple of the lists in csf.blocklists and do not want to duplicate.

Is there a place I can submit abuse IPs (something like abuseip.com) where they will get picked up by the Imunify360 greylist?
Rate this post:
0
Responses (4)
  1. 26.06.2017 13:06:05
  2. # 1
Alexandre Parubochyi Accepted Answer
Alexandre Parubochyi
Posts: 212
Joined: 31.01.2017
0
Votes
Undo
We collect information about attackers on Imunify360 correlation server. Sophisticated machine learning techniques are used to add entries to the global graylist - parts of this list are sent to Imunify360 agents on customers' servers to stop attackers before they've started their activity with them. Populating global graylist is an automatic process - we actually designed it to work without human intervention.
  1. 26.06.2017 14:06:41
  2. # 2
Ray Baron Accepted Answer
Ray Baron
Posts: 32
Joined: 01.04.2013
0
Votes
Undo
OK, thanks for that.

Might be nice to have a place to submit IPs since the correlation server (honeypot?) won't see every miscreant IP. This can also be automated, e.g., X number of reports gets an IP added to the greylist.
  1. 26.06.2017 14:06:03
  2. # 3
Alexandre Parubochyi Accepted Answer
Alexandre Parubochyi
Posts: 212
Joined: 31.01.2017
0
Votes
Undo
This information is actually collected form customers' servers (not only from honeypots). So that, decisions are made based on number of incidents caused by the IP address, number of servers which were attacked, country of origin etc.
  1. 26.06.2017 14:06:25
  2. # 4
Ray Baron Accepted Answer
Ray Baron
Posts: 32
Joined: 01.04.2013
0
Votes
Undo
Excellent!
  • Page :
  • 1


There are no replies made for this post yet.
Be one of the first to reply to this post!
Guest
Submit Your Response
Upload files or images for this discussion by clicking on the upload button below. Supports gif,jpg,png,zip,rar,pdf
• Insert • Remove Upload Files (Maximum File Size: 2 MB)
Cite your Sources with a URL link to help readers verify facts or find more details.
Add Another Link
Captcha
To protect the site from bots and unauthorized scripts, we require that you enter the captcha codes below before posting your question.

General
General
  1. 543 posts
  2. 2 subcategories
CloudLinux and Control Panels
CloudLinux and Control Panels
  1. 1138 posts
  2. 5 subcategories
KernelCare
KernelCare
  1. 74 posts
  2. 1 subcategory
Imunify360
Imunify360
  1. 217 posts
  2. 1 subcategory

Stay in touch

CloudLinux Facebook Facebook 9K+ followers CloudLinux Twitter Twitter 10K+ followers CloudLinux YouTube Channel YouTube official channel CloudLinux on LinkedIn LinkedIn Follow us

Products
Success Stories
Partners
Support
About Us
privacy shield certified
aicpa soc
pci-dss
eu gdpr compliant

© All rights reserved. CloudLinux Inc.
Terms of Use | Privacy Policy | Vulnerability Reporting | Code of Ethics | Legal 

Call Sales at +1 (800) 231-7307

Email [email protected]

EU e-Privacy Directive

We use cookies to ensure you get the best experience using our website and services. Read more about it in our Privacy Policy. Please agree to the use of cookies to proceed. Alternatively, you may disable cookies in your browser at any time.

You have declined cookies. This decision can be reversed.

You have allowed cookies to be placed on your computer. This decision can be reversed.