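The number of attack alerts was even lower today; perhaps the red team, after its earlier reconnaissance and the first two days of external information gathering and attempts to gain an initial foothold, has already given up on us as a target.
I took some time at 20:00 on April 10 to crawl the teamserver IPs newly added on the internet; blue teams can add outbound or inbound policy rules as their situation requires. The data comes mainly from fofa and zoomeye and has been de-duplicated; a small number of the IPs may be false positives.
For the full list of teamserver IPs, follow the official account and reply with the keyword "teamserver0410".
Comparing against the data crawled at around 12:00 yesterday yielded a number of teamserver IPs newly added as of 20:30 today.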