North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: BL of Compromised Hosts?

  • From: Daniel Concepcion
  • Date: Sun Feb 22 13:24:20 2004

Hi Deepak,

They are doing a good job in this issue.


On Sunday 22 February 2004 17:12, Deepak Jain wrote:
> Would anyone be interested in receiving a text or BGP feed of IPs of
> hosts known/suspected to be compromised and used as parts of DDOS
> attacks? Would anyone be interested in contributing their BGP views?
> We have (and I'm sure we're not isolated) been seeing attacks from
> several thousand/tens of thousands of unique hosts generated >2Gb/s,
>  >1Mpps attacks.
> I am not necessarily suggesting that providers use this list to
> blackhole at their edge, but its certainly a good candidate for that. It
> could alternatively be used by access providers to notify their
> customers or filter on their customers. I am sure it would also be a
> good list to use to deny traffic to SMTP servers from/to.
> I'm not really an activist, so if there is real interest, I will be glad
> to set it up and contribute our own significant list of sources.
> If this is already done and I don't have a good set of skills with
> Google, please let me know.
> Thanks in advance,
> Deepak Jain