r146 - 27 Jan 2010 - 01:52:40 - JamesMcQuaidYou are here: TWiki >  Main Web > AllProjects > SnortConfSamples > RussianBusinessNetwork
Emerging Threats Russian Business Network (RBN) Snort Intrusion Detection Rules:

* http://www.emergingthreats.net/rules/emerging-rbn.rules

* http://www.emergingthreats.net/rules/emerging-rbn-BLOCK.rules

"Call these hosts what you like, we see a large amount of hostile activity from these nets, and get little to no abuse response for takedown. Do what you will with this information." - Matt Jonkman

Russian Business Network background information compiled by JamesMcQuaid:

From JamesMcQuaid:

  • RussianBusinessNetworkIPs.txt Updated 1-21-2010: IP address ranges from which the criminal organization, their franchises, affiliates and customers exploit consumers. Block at will. Test for your production environment prior to utilization.
  • RBNIdentities.txt Updated 12-13-2009. Registrant information associated malicious and infected domains.

From Jart Armin: http://rbnexploit.blogspot.com

From Brian Krebs:

From Spamhaus:

From Dancho Danchev: http://ddanchev.blogspot.com/

From David Bizeul: http://isc.sans.org/presentations/RBN_study.pdf

From Shadowserver: 'Clarifying the "guesswork" of Criminal Activity': http://www.shadowserver.org/wiki/uploads/Information/RBN-AS40989.pdf

Wikipedia: http://en.wikipedia.org/wiki/Russian_Business_Network

-- JamesMcQuaid - 11 August 2009

Topic attachments
I Attachment Action Size Date Who Comment
txttxt RBNIdentities.txt manage 82.2 K 13 Dec 2009 - 19:26 JamesMcQuaid  
txttxt RussianBusinessNetworkIPs.txt manage 86.6 K 27 Jan 2010 - 01:52 JamesMcQuaid  
txttxt ZeusMalwareIPs.txt manage 16.0 K 02 Dec 2009 - 12:03 JamesMcQuaid  
Edit | Attach | Printable | Raw View | Backlinks: Web, All Webs | History: r146 < r145 < r144 < r143 < r142 | More topic actions
 
Emerging Threats
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback