Known Compromised Hosts

This ruleset is compiled from a number of sources. It's contents are hosts that are known to be compromised by bots, phishing sites, etc, or known to be spewing hostile traffic. These are not your everyday infected and sending a bit of spam hosts, these are significantly infected and hostile hosts.

Sources include:

Brute Force Blocker

If you have a source of IPs you'd like to add to the list please email

Sids are in the range 2500000-2509999 for normal version, 2510000-2519999 for the Snortsam blocking versions.

Known CompromisedHost List

This topic: Main > WebHome > UserDocs > AllRulesets > CompromisedHost
Topic revision: r9 - 2017-02-28 - FrancisTrudeau
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats