[82551] in North American Network Operators' Group
RE: compromized host list available
daemon@ATHENA.MIT.EDU (Todd Vierling)
Thu Jul 21 13:59:05 2005
Date: Thu, 21 Jul 2005 13:58:12 -0400 (EDT)
From: Todd Vierling <tv@duh.org>
To: "Hannigan, Martin" <hannigan@verisign.com>
Cc: Rick Wesson <wessorh@ar.com>, nanog@merit.edu
In-Reply-To: <A206819EF47CBE4F84B5CB4A303CEB7A521730@dul1wnexmb01.vcorp.ad.vrsn.com>
Errors-To: owner-nanog@merit.edu
On Thu, 21 Jul 2005, Hannigan, Martin wrote:
> > I've developed a tool to pull together a bunch of information from
> > DNSRBLs and mix it with a BGP feed, the result is that upon request I
> > can generate a report of all the compromised hosts on your network as
> > seen by various DNSRBLs.
> What about collateral damage?
Why, are you wanting to create some? 8-)
I think such reports should be treated as they are: third party statistics
that (depending on the sources, as I don't know what they are) indicate what
those third parties think is happening with your network's hosts.
These reports are not a new blacklist. The original poster is only offering
these to the admin of any given network -- not another third party.
Certainly, I'd *love* to see a neatly cross referenced list for a few
unnamed cesspools who refuse to police their networks, in order to ostracize
them for it in public, but that's not the purpose of these reports....
--
-- Todd Vierling <tv@duh.org> <tv@pobox.com> <todd@vierling.name>
