EmergingThreats> Main Web>AllProjects>SnortConfSamples>RussianBusinessNetwork (2016-02-01, MattJonkman) EditAttach
Russian Business Network

"Call these hosts what you like, we see a large amount of hostile activity from these nets, and get little to no abuse response for takedown. Do what you will with this information." - Matt Jonkman

Emerging Threats Russian Business Network (RBN) Snort Intrusion Detection Rules:

* http://rules.emergingthreats.net/blockrules/emerging-rbn.rules

* http://rules.emergingthreats.net/blockrules/emerging-rbn-BLOCK.rules

Emerging Threats Firewall Rules:

* http://rules.emergingthreats.net/fwrules/

Russian Business Network background information compiled by JamesMcQuaid:

From JamesMcQuaid:

          RBN IP Block List:

  • RussianBusinessNetworkIPs.txt Updated 2-10-2012: IP address ranges from which the former customers of the RBN ISP, their malware marketing affiliate networks, emulators, and other organized crime groups exploit consumers. Block at will. Test for your production environment prior to utilization. In cases where a malicious domain occupies an IP address used by many domains, the IP address is not included in this list (due to false positives in Snort and Suricata). Those domains are included in the DNS Blackhole for Smoothwall at http://doc.emergingthreats.net/bin/view/Main/HoneywallSamples

RBN IP List Update files:

Storm 2:

Crime Centric Hosting:

  • RBNRoutes.txt Dedicated criminal networks (listed in RBNRoutes.txt) 772 routes favored by criminals; roughly 10% of the entries in the RBN IP List.

  • RBNIdentities.txt Registrant nom de guerres associated malicious and infected domains (first half 2010).

From Jart Armin:

From Brian Krebs:

From Spamhaus:

From Dancho Danchev:

From David Bizeul:

From Shadowserver:

Wikipedia:

-- JamesMcQuaid - 21 June 2010

Attachments Attachments
Topic attachments
I Attachment Action Size Date Who Comment
Texttxt AS6851_BKCNET.txt manage 50.8 K 2011-01-02 - 23:04 UnknownUser  
Texttxt Emerging-frequent_malvertisers.txt manage 0.3 K 2011-07-03 - 16:23 UnknownUser  
Texttxt RBNIPListOptional.txt manage 1.5 K 2010-04-02 - 15:43 UnknownUser  
Texttxt RBNIdentities.txt manage 82.2 K 2009-12-13 - 19:26 UnknownUser  
Texttxt RBNRoutes.txt manage 12.5 K 2011-05-10 - 01:01 UnknownUser  
Texttxt RBN_IP_List_Update_1-12-2011.txt manage 9.4 K 2011-02-03 - 00:55 UnknownUser  
Texttxt RBN_IP_List_Update_1-18-2011.txt manage 67.5 K 2011-02-03 - 00:56 UnknownUser  
Texttxt RBN_IP_List_Update_1-2-2011.txt manage 6.1 K 2011-02-03 - 01:11 UnknownUser  
Texttxt RBN_IP_List_Update_1-20-2011.txt manage 8.6 K 2011-01-20 - 12:26 UnknownUser  
Texttxt RBN_IP_List_Update_1-22-2011.txt manage 72.5 K 2011-01-23 - 00:06 UnknownUser  
Texttxt RBN_IP_List_Update_1-23-2011.txt manage 21.2 K 2011-01-23 - 18:07 UnknownUser  
Texttxt RBN_IP_List_Update_1-24-2011.txt manage 12.6 K 2011-01-24 - 12:02 UnknownUser  
Texttxt RBN_IP_List_Update_1-27-2011.txt manage 5.1 K 2011-01-27 - 12:24 UnknownUser  
Texttxt RBN_IP_List_Update_1-29-2011.txt manage 28.9 K 2011-01-29 - 22:11 UnknownUser  
Texttxt RBN_IP_List_Update_10-27-2011.txt manage 2.3 K 2011-10-27 - 12:11 UnknownUser  
Texttxt RBN_IP_List_Update_10-6-2011.txt manage 7.7 K 2011-10-06 - 11:45 UnknownUser  
Texttxt RBN_IP_List_Update_11-17-2011.txt manage 0.3 K 2011-11-18 - 04:07 UnknownUser  
Texttxt RBN_IP_List_Update_12-14-2010.txt manage 27.5 K 2011-02-03 - 01:16 UnknownUser  
Texttxt RBN_IP_List_Update_12-14-2011.txt manage 15.6 K 2011-12-14 - 12:53 UnknownUser  
Texttxt RBN_IP_List_Update_12-19-2010.txt manage 65.8 K 2011-02-03 - 01:14 UnknownUser  
Texttxt RBN_IP_List_Update_12-2-2010.txt manage 10.3 K 2011-02-03 - 01:15 UnknownUser  
Texttxt RBN_IP_List_Update_12-22-2010.txt manage 5.6 K 2011-02-03 - 01:13 UnknownUser  
Texttxt RBN_IP_List_Update_12-23-2010.txt manage 5.7 K 2011-02-03 - 01:13 UnknownUser  
Texttxt RBN_IP_List_Update_12-29-2010.txt manage 127.1 K 2011-02-03 - 01:12 UnknownUser  
Texttxt RBN_IP_List_Update_12-30-2010.txt manage 17.4 K 2011-02-03 - 01:12 UnknownUser  
Texttxt RBN_IP_List_Update_12-6-2010.txt manage 42.5 K 2011-02-03 - 01:15 UnknownUser  
Texttxt RBN_IP_List_Update_12-8-2010.txt manage 9.7 K 2011-02-03 - 01:15 UnknownUser  
Texttxt RBN_IP_List_Update_2-10-2012.txt manage 9.0 K 2012-02-10 - 13:35 UnknownUser  
Texttxt RBN_IP_List_Update_2-13-2011.txt manage 66.8 K 2011-02-14 - 01:23 UnknownUser  
Texttxt RBN_IP_List_Update_2-22-2011.txt manage 38.8 K 2011-02-22 - 04:46 UnknownUser  
Texttxt RBN_IP_List_Update_2-4-2011.txt manage 21.0 K 2011-02-04 - 10:39 UnknownUser  
Texttxt RBN_IP_List_Update_2-6-2011.txt manage 44.6 K 2011-02-06 - 22:03 UnknownUser  
Texttxt RBN_IP_List_Update_3-11-2011.txt manage 36.8 K 2011-03-11 - 15:40 UnknownUser  
Texttxt RBN_IP_List_Update_3-13-2011.txt manage 32.9 K 2011-03-13 - 17:04 UnknownUser  
Texttxt RBN_IP_List_Update_3-2-2011.txt manage 16.3 K 2011-03-03 - 03:47 UnknownUser  
Texttxt RBN_IP_List_Update_3-20-2011.txt manage 68.4 K 2011-03-20 - 17:29 UnknownUser  
Texttxt RBN_IP_List_Update_3-4-2011.txt manage 13.4 K 2011-03-04 - 12:56 UnknownUser  
Texttxt RBN_IP_List_Update_3-6-2011.txt manage 96.7 K 2011-03-07 - 00:03 UnknownUser  
Texttxt RBN_IP_List_Update_4-10-2011.txt manage 121.3 K 2011-04-11 - 03:43 UnknownUser  
Texttxt RBN_IP_List_Update_4-12-2011.txt manage 20.6 K 2011-04-12 - 11:43 UnknownUser  
Texttxt RBN_IP_List_Update_4-17-2011.txt manage 180.4 K 2011-04-17 - 20:30 UnknownUser  
Texttxt RBN_IP_List_Update_4-25-2011.txt manage 101.3 K 2011-04-26 - 04:05 UnknownUser  
Texttxt RBN_IP_List_Update_4-27-2011.txt manage 8.7 K 2011-04-27 - 11:12 UnknownUser  
Texttxt RBN_IP_List_Update_4-28-2011.txt manage 3.5 K 2011-04-28 - 11:32 UnknownUser  
Texttxt RBN_IP_List_Update_4-3-2011.txt manage 84.4 K 2011-04-03 - 23:08 UnknownUser  
Texttxt RBN_IP_List_Update_4-30-2011.txt manage 49.5 K 2011-05-01 - 00:06 UnknownUser  
Texttxt RBN_IP_List_Update_4-7-2011.txt manage 31.3 K 2011-04-07 - 12:02 UnknownUser  
Texttxt RBN_IP_List_Update_5-10-2011.txt manage 47.7 K 2011-05-10 - 11:34 UnknownUser  
Texttxt RBN_IP_List_Update_5-14-2011.txt manage 57.4 K 2011-05-15 - 03:13 UnknownUser  
Texttxt RBN_IP_List_Update_5-17-2011.txt manage 42.1 K 2011-05-17 - 04:52 UnknownUser  
Texttxt RBN_IP_List_Update_5-2-2011.txt manage 6.8 K 2011-05-02 - 11:45 UnknownUser  
Texttxt RBN_IP_List_Update_5-20-2011.txt manage 160.2 K 2011-05-20 - 03:24 UnknownUser  
Texttxt RBN_IP_List_Update_5-21-2011.txt manage 52.1 K 2011-05-21 - 21:01 UnknownUser  
Texttxt RBN_IP_List_Update_5-22-2011.txt manage 8.1 K 2011-05-22 - 17:19 UnknownUser  
Texttxt RBN_IP_List_Update_5-25-2011.txt manage 34.0 K 2011-05-25 - 14:41 UnknownUser  
Texttxt RBN_IP_List_Update_5-27-2011.txt manage 8.1 K 2011-05-27 - 18:23 UnknownUser  
Texttxt RBN_IP_List_Update_5-4-2011.txt manage 5.2 K 2011-05-04 - 11:40 UnknownUser  
Texttxt RBN_IP_List_Update_5-5-2011.txt manage 33.9 K 2011-05-06 - 03:59 UnknownUser  
Texttxt RBN_IP_List_Update_5-9-2011.txt manage 54.2 K 2011-05-09 - 11:00 UnknownUser  
Texttxt RBN_IP_List_Update_6-1-2011.txt manage 35.0 K 2011-06-01 - 04:07 UnknownUser  
Texttxt RBN_IP_List_Update_6-11-2011.txt manage 24.5 K 2011-06-12 - 03:45 UnknownUser  
Texttxt RBN_IP_List_Update_6-13-2011.txt manage 6.3 K 2011-06-13 - 16:00 UnknownUser  
Texttxt RBN_IP_List_Update_6-14-2011.txt manage 18.0 K 2011-06-14 - 11:52 UnknownUser  
Texttxt RBN_IP_List_Update_6-19-2011.txt manage 57.9 K 2011-06-19 - 20:25 UnknownUser  
Texttxt RBN_IP_List_Update_6-21-2011.txt manage 18.1 K 2011-06-21 - 18:23 UnknownUser  
Texttxt RBN_IP_List_Update_6-28-2011.txt manage 40.5 K 2011-06-28 - 14:20 UnknownUser  
Texttxt RBN_IP_List_Update_6-6-2011.txt manage 11.9 K 2011-06-06 - 04:40 UnknownUser  
Texttxt RBN_IP_List_Update_6-9-2011.txt manage 14.2 K 2011-06-09 - 11:24 UnknownUser  
Texttxt RBN_IP_List_Update_7-13-2011.txt manage 6.3 K 2011-07-13 - 11:34 UnknownUser  
Texttxt RBN_IP_List_Update_7-15-2011.txt manage 47.3 K 2011-07-15 - 04:27 UnknownUser  
Texttxt RBN_IP_List_Update_7-18-2011.txt manage 28.3 K 2011-07-18 - 13:15 UnknownUser  
Texttxt RBN_IP_List_Update_7-21-2011.txt manage 22.5 K 2011-07-21 - 11:37 UnknownUser  
Texttxt RBN_IP_List_Update_7-3-2011.txt manage 447.9 K 2011-07-03 - 16:22 UnknownUser  
Texttxt RBN_IP_List_Update_7-5-2011.txt manage 12.2 K 2011-07-05 - 10:36 UnknownUser  
Texttxt RBN_IP_List_Update_7-6-2011.txt manage 17.5 K 2011-07-06 - 11:06 UnknownUser  
Texttxt RBN_IP_List_Update_7-8-2011.txt manage 8.8 K 2011-07-08 - 11:52 UnknownUser  
Texttxt RBN_IP_List_Update_8-29-2011.txt manage 0.2 K 2011-08-29 - 11:05 UnknownUser  
Texttxt RBN_IP_List_Update_9-18-2011.txt manage 1.2 K 2011-09-18 - 19:22 UnknownUser  
Texttxt RBN_Observations_2nd_Quarter_2010.txt manage 1121.9 K 2010-07-06 - 01:20 UnknownUser  
Texttxt Storm_2_IP_addresses_3-12-2011.txt manage 4.2 K 2011-03-13 - 01:34 UnknownUser  
Texttxt Storm_2_domain_objects_3-11-2011.txt manage 41.1 K 2011-03-13 - 01:34 UnknownUser  
Texttxt as29073_ECATEL-AS.txt manage 190.1 K 2011-01-02 - 23:04 UnknownUser  
Texttxt as51554_LYAHOV-AS_Lyahovich_Maksim.txt manage 82.6 K 2011-01-02 - 23:04 UnknownUser  
Texttxt emerging-rbn-malvertisers.txt manage 0.6 K 2011-11-18 - 10:37 UnknownUser  
Texttxt emerging-rbn-malvertising_update_7-15-2011.txt manage 8.2 K 2011-07-15 - 04:28 UnknownUser  
Texttxt hounds_to_the_hunters.txt manage 90.6 K 2011-01-25 - 11:45 UnknownUser  
Texttxt includes_skynet.txt manage 93.3 K 2011-01-25 - 11:45 UnknownUser  
Edit | Attach | Print version | History: r284 < r283 < r282 < r281 < r280 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r284 - 2016-02-01 - MattJonkman
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats