[93186] in North American Network Operators' Group
Re: advise on network security report
daemon@ATHENA.MIT.EDU (Rick Wesson)
Mon Oct 30 12:27:13 2006
Date: Mon, 30 Oct 2006 09:23:43 -0800
From: Rick Wesson <wessorh@ar.com>
To: Fergie <fergdawg@netzero.net>
Cc: nanog@merit.edu
In-Reply-To: <20061030.090858.21495.1322951@webmail18.lax.untd.com>
Errors-To: owner-nanog@merit.edu
Fergie wrote:
> Rick,
>
> It would interesting to know how you classify "incidents" in the
> table below....
any one of the following:
o being put on a major DNS black list (spamcop, spamhaus, ahbl etc.)
o hosting malware or phishing sites, open proxies
o sending LOTS of SPAM, virus
o IRC abuse
o Botnet C&C
o hoping glue/fast flux
o abusive, vulnerable web servers
Should I track other things? I'm always open to new data sources...
-rick
