Closed glallen-cb closed 2 years ago
Yep. It was an upstream add. I’ll get an exclusion in there.
Patrick Kelley, CISSP, C|EH, ITIL CTO @.**@.>
On Dec 13, 2021, at 6:03 PM, glallen @.***> wrote:
https://github.com/CriticalPathSecurity/Zeek-Intelligence-Feeds/blob/4fad0896f3b2996b3b4d59d3a1fcb82eeebca069/log4j_ip.intel#L2 0.0.0.0 and 1.1.1.1 jump out as potential false positives / unintended additions.
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHubhttps://github.com/CriticalPathSecurity/Zeek-Intelligence-Feeds/issues/7, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ABGPPYYPHN4QS4R3QSUNJCTUQZ3U7ANCNFSM5J7M5UMA.
As promised, I've built-in filtering for all no-routable addresses and have removed 0.0.0.0 and 1.1.1.1.
Unfortunately, this is an aggregation of community-data and the quality is based on that data.
I'll do my best to keep it solid.
https://github.com/CriticalPathSecurity/Zeek-Intelligence-Feeds/blob/4fad0896f3b2996b3b4d59d3a1fcb82eeebca069/log4j_ip.intel#L2 0.0.0.0 and 1.1.1.1 jump out as potential false positives / unintended additions.