[61419] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Sobig.f surprise attack today

daemon@ATHENA.MIT.EDU (Dan Hollis)
Thu Aug 28 15:58:25 2003

Date: Thu, 28 Aug 2003 12:54:54 -0700 (PDT)
From: Dan Hollis <goemon@anime.net>
To: Owen DeLong <owen@delong.com>
Cc: Doug Barton <DougB@dougbarton.net>,
	"Beprojects.com" <info@beprojects.com>, <nanog@merit.edu>
In-Reply-To: <2147483647.1062058714@imac-en0.delong.sj.ca.us>
Errors-To: owner-nanog-outgoing@merit.edu


On Thu, 28 Aug 2003, Owen DeLong wrote:
> Alternatively, perhaps we could, instead, publish an INFECTED SYSTEMS 
> blacklist
> based on such connections to a honeypot.  Any system which made the correct
> request could then have it's address published via BGP or DNS for ISPs and
> the like to do as they wish.

an infected host dnsrbl doesnt sound like a bad idea...

-Dan
-- 
[-] Omae no subete no kichi wa ore no mono da. [-]


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[61419] in North American Network Operators' Group

Re: Sobig.f surprise attack today

daemon@ATHENA.MIT.EDU (Dan Hollis)Thu Aug 28 15:58:25 2003

daemon@ATHENA.MIT.EDU (Dan Hollis)
Thu Aug 28 15:58:25 2003