Security Update - 11/10/2016

Three new allow lists were added to the ThreatSTOP Policy Builder. The following allow lists can be found under the “Allow” tab in the “Inbound Attacks (Servers)” category:

  • nodeping.com Monitoring Service IPs

IP addresses for Nodeping website/server monitoring service. If you are a subscriber of Nodeping than these IPs should be allowed, otherwise, if you are not a subscriber - these can be used by malicious individuals to track your online status. The addresses in this feed were provided by Nodeping.com.

  • statuscake.com Website Monitoring Service, IPs

IP addresses for statuscake website/server monitoring service. If you are a subscriber of statuscake than these IPs should be allowed, otherwise, if you are not a subscriber - these can be used by malicious individuals to track your online status. The addresses in this feed were provided by statuscake.com.

  •  uptimerobot.com Website Monitoring Service

IP addresses for uptimerobot website/server monitoring service. If you are a subscriber of uptimerobot than these IPs should be allowed, otherwise, if you are not a subscriber - these can be used by malicious individuals to track your online status. The addresses in this feed were provided by uptimerobot.com.

These targets are also available in the “Block” tabs to add to a policy. For users who don’t subscribe to nodeping, statuscake, or uptimerobot, blocking these IPs may make sense as these IPs might be abused and used to scan networks for vulnerabilities prior to an outright attack.

 

 

Share this: