So I was looking up some of the blocks that Suricata throws out and ran across a post mentioning AbuseIPDB.com, anyone ever use it for looking stuff up and reporting it?
I get a lot of ET SCAN MS Terminal Server Traffic on Non-standard Port blocks on one of my open ports as well as a lot of ET DROP Dshield Block Listed Source group 1 blocks.
When I checked a few of these IP addresses, the Dshield came back as 100% and the terminal server came back as 60% bad actor related.
Just thought I would throw this out and see if anyone has good or bad things to say about them.