Welcome to Spectops
Threat nullification workflows with a safety-first policy model
Spectops helps you ingest threat signals, apply policy guardrails, and distribute blocking decisions to your network and downstream systems.
What you will accomplish in this guide
- Create your account and secure it (2FA recommended)
- Link an ASN so you can manage network-scoped policy
- Create a BGP session safely (with route filtering)
- Connect sources and publish controlled outputs
BGP Peering Details
- Spectops ASN: 49094
- TCP Port: 179
- Blackhole Community: Provided in your dashboard
Your assigned peering IPs and any custom community values are shown in the product after signup.
Step 1: Create an Account
- Go to /register and sign up with your email address.
- Check your email for a verification link and click it to activate your account.
- Log in with your credentials.
You can change your password any time in Settings after logging in. Use “Forgot Password” if you can’t access your current password.
Tip: Enable two-factor authentication (2FA) early (TOTP, email OTP, and recovery codes are supported) to protect operator access.
Step 2: Link Your ASN
You have two options to add your ASN:
Option A: PeeringDB Integration (Recommended)
- Log in and go to Settings → PeeringDB
- Click "Link PeeringDB Account"
- Authorize Spectops to access your PeeringDB account
- Select which ASNs to import
- Your ASN information will sync automatically
Option B: Manual ASN Assignment
- Contact support with proof of ASN ownership ( support@localhost)
- We will manually assign the ASN to your account
Step 3: Configure BGP Session
- Log in and go to Sessions
- Click "Create Session"
- Fill in the session details:
| Field | Description | Example |
|---|
| Session Name | Descriptive name | edge-router-1 |
| Neighbor IP | Your router's BGP IP | 192.0.2.1 |
| Remote ASN | Your ASN | 65000 |
| Address Family | IPv4/IPv6/Both | IPV4 |
Critical: Route Filtering RequiredBefore enabling the BGP session, you must configure route filtering on your router to only accept routes with the blackhole community (e.g., 65535:666 or your custom community). Accepting unfiltered routes from any source can cause routing issues.
See the BGP Setup Guide for filter configuration examples.
Firewall Note: Ensure TCP port 179 is open from your service peering IP to your router.
Step 4: Add Blocklist Sources
Bind blocklist sources to your BGP session:
- Go to your session's detail page
- Click "Bind Source"
- Select from available sources:
System Sources (Pre-configured)
- Common threat categories (brute force, botnet infrastructure, scanners, abuse feeds)
- Optional community-driven intelligence (depending on your deployment configuration)
- Enable/disable sources at any time as part of your policy
Custom Sources
You can also create your own sources:
- URL Feeds: HTTP/HTTPS endpoints returning CIDR lists
- Webhooks: Push updates in real-time
- Manual: Add individual prefixes
⚠️ Warning: Only bind sources you trust. Malicious or incorrect sources could cause legitimate traffic to be blackholed.
Step 5: Configure Whitelist
Add prefixes to your whitelist to ensure they are never blackholed, even if they appear in blocklist sources.
- Log in and go to Block Center → Whitelist
- Add your critical prefixes (e.g., your own IP space)
- Enable "Auto-exclude own announced prefixes" in your ASN settings to automatically protect your BGP-announced ranges
Step 6: Monitor and Manage
Use these tools to monitor your threat nullification setup:
- Dashboard: Overview of active sessions, sources, and alerts
- Alerts: Notifications when your own prefixes appear in blocklists
- IP Search: Check if a specific IP is in any of your sources
- Audit Logs: Track all configuration changes
Notifications
Configure notifications in Settings → Notifications:
- Email alerts for important events
- Webhook integration for external systems
- In-app notifications