Threat Categories

NovaSense breaks threats down into 4 primary categories and provides a separate list for each.


Threats
Threats are hosts that have attempted an exploit, a brute-force attack, or a denial-of-service attack. These are often compromised hosts, and can generally be blocked.
Botnet
Known botnet and C&C servers: a smaller list of confirmed active botnet systems to be blocked at all times. These have responded with a valid botnet C2 response.
Malware
Systems that are infected with or involved in spreading malware and ransomware. Typically blocked on incoming firewalls but also useful on ADCs.
Crypto-Abusers
Systems involved or recently involved in cryptomining abuse, either in-browser or via malware.
Abusers
Confirmed spammers, comment spam, link spam, abusive crawlers, DoS and DDoS attacks and other miscellaneous abuses. Typically safe to block, but can have limited false positives.
Proxy
A list of SOCKS, web, and other active or recently active open proxies, which are not inherently a threat, but may have been involved in attacks.
Tor Exits
A list of active or recently active Tor exit nodes, which are not inherently a threat, but may have been involved in attacks.