fbpx
Select Page

BGP FIREWALL – BOTNET C&C DEFENSE AND MALWARE PROTECTION

Main Features

The BGPf consists of the following threat data lists:

  • Botnet Controller List (BCL)
    IPs belonging to servers that host botnet command and control (C&C) nodes. Blocking connections to C&C nodes prevents botnets from contacting infected computers (bots). While the infection is still present, the bot is rendered harmless.
  • Do Not Route or Peer (DROP) list
    Networks (/24 or larger) that are owned and operated by cybercriminals. These networks host malicious websites, send malware and engage in other types of criminal activity. Blocking the connections from these networks to your users will unable any communication with your users or any attempts to hack your servers.
  • Extended DROP (EDROP) list
    Subnets (/24 or larger) that are owned and operated by cybercriminals. These subnets host malicious websites, send malware and engage in other types of criminal activity. Blocking the connections from these networks to your users will unable any communication with your users or any attempts to hack your servers.

The BGPf combines these lists into a single BGP feed. In order to activate the data feed your network administrator needs to configure the router at your Internet gateway to peer with the Spamhaus BGPf router, loading the feed into your router’s DENY table. Your router then rejects all network traffic to or from IPs listed on the BGPf.

Main Features

The BGPf consists of the following threat data lists:

  • Botnet Controller List (BCL)
    IPs belonging to servers that host botnet command and control (C&C) nodes. Blocking connections to C&C nodes prevents botnets from contacting infected computers (bots). While the infection is still present, the bot is rendered harmless.
  • Do Not Route or Peer (DROP) list
    Networks (/24 or larger) that are owned and operated by cybercriminals. These networks host malicious websites, send malware and engage in other types of criminal activity. Blocking the connections from these networks to your users will unable any communication with your users or any attempts to hack your servers.
  • Extended DROP (EDROP) list
    Subnets (/24 or larger) that are owned and operated by cybercriminals. These subnets host malicious websites, send malware and engage in other types of criminal activity. Blocking the connections from these networks to your users will unable any communication with your users or any attempts to hack your servers.

The BGPf combines these lists into a single BGP feed. In order to activate the data feed your network administrator needs to configure the router at your Internet gateway to peer with the Spamhaus BGPf router, loading the feed into your router’s DENY table. Your router then rejects all network traffic to or from IPs listed on the BGPf.

Feel free to contact us to learn more about the BGPf service

APPLY NOW

Related Resources

DATA

Mollis eget. Sem magna necias
euismod laculs auctior consec
tetuer, ullamcorper…

READ MORE

DATA

Mollis eget. Sem magna necias
euismod laculs auctior consec
tetuer, ullamcorper…

READ MORE

DATA

Mollis eget. Sem magna necias
euismod laculs auctior consec
tetuer, ullamcorper…

READ MORE