Achieve security excellence without breaking the budget!

Download guide

Discover CrowdSec’s Free Third-Party Blocklists

In case you missed it, we recently announced the new Blocklists Catalog in the CrowdSec Console. In the catalog, you can find several blocklists centralized in one place, including third-party blocklists that are free to all users. 

All users on the CrowdSec Console can subscribe their Security Engines to third-party blocklists to secure their systems against VoIP fraud, botnets, and more.

Let’s explore those blocklists a little further. 

The blocklists you can subscribe to

The third-party blocklists contain IPs from various proxies, Tor nodes, and known scanners. One of the blocklists you can find is the Firehol voipbl.org blocklist which includes a distributed VoIP blocklist aimed at protecting against VoIP fraud and minimizing abuse for networks that have publicly accessible PBX’s. 

Another is the Tor blocklist, which contains the IP addresses of Tor exit nodes. You can also stay protected against IPs belonging to botnets with CrowdSec’s aggregated list (part of the premium blocklists). 

Bots and attackers often try to hide their malicious activities using proxies and tor nodes. Therefore, once you have subscribed to one of the blocklists, you might want to apply remediation to those IPs, either by blocking them, validating they are genuine humans via CAPTCHA, or any custom remediation you might have implemented on your Remediation Component.

Check out the details

Before subscribing to a blocklist, you can see the number of IPs the list currently has, as well as when it was last updated and the number of CrowdSec users subscribed to that blocklist. 

Where do these blocklists come from?

All of the third-party blocklists provided were cherry-picked by the expert team at CrowdSec from reliable websites. The lists were loaded into the CrowdSec database, compared to our own CTI, and ran through our system to filter out any possible false positives. 

CrowdSec also offers premium and platinum blocklists aggregated from our own data, which comes from 70,000+ real users sharing their signals in over 190 countries. You can learn more about how we collect and curate our data here

Our community is a powerful and important part of CrowdSec. We strongly stand by our motto, “Safer Together.” If you have a blocklist you would like to share with your fellow community members, you can contact us at support@crowdsec.net, and we will gladly add it to the third-party blocklist group. 

How to subscribe to a blocklist 

Check out the detailed documentation on how to subscribe to any of our blocklists, including third-party, premium, and platinum ones. You can also see an example of how to subscribe to a blocklist in the video below. 

How to Subscribe a Third-Party Blocklist to Either a Security Engine or an Integration

Subscribe to a Blocklists

Sing in to the CrowdSec Console, explore our list of third-party blocklists, and subscribe for free.

Explore blocklists

WRITTEN BY

You may also like

am i under attack
Product Updates

Am I Under Attack: Cut Through the Noise to Detect Sophisticated and Targeted Attacks with CrowdSec’s New feature

Am I Under Attack leverages advanced AI algorithms to detect anomalies in your logs indicating more sophisticated or targeted attacks.

new and advanced ip lookup search
Product Updates

Introducing the New and Advanced IP Lookup Search

In a previous article, we introduced the CTI Report, this time, we are taking it a step further and introducing new and advanced search options for our IP lookup.  You now have access to multiple search options to accurately and effectively explore the CrowdSec CTI.   Let’s take a look. IP lookup search These new search […]

Streamlining ELK Stack with CrowdSec via Syslog
Product Updates

Streamlining ELK Stack with CrowdSec via Syslog

By integrating CrowdSec with the ELK stack via Syslog, you can enhance your security monitoring capabilities and bolster your threat detection mechanisms.