I know there are a few topics on dynamically updating blacklists on here and one very good recent one by IntusDave by the looks of it, However I was thinking it would be useful to be able to lookup Abuse IPDB automatically using their provided API from either within mikrotik or via some fancy scripting on a linux box that could also use the Mikrotik API.
See Abuse IPDB API here:
Ideally I would like to have a firewall rule that is for example catching suspicious traffic and adding the source to an address list. I would like to then check the IP to see if it is on Abuse IPDB and if it is take block etc.
It might be much easier just to insert a list of all Abuse IPDB top attackers etc but :
1. I don't think they have this info listed on their website in full without using the API, and
2. It would be good to have different lists for the different categories on Abuse IPDB
I am useless at writing code so looking for help on this