North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: BL of Compromised Hosts?
Hi Deepak, Check http://www.cymru.com/BGP/bogon-rs.html They are doing a good job in this issue. Regards, Daniel On Sunday 22 February 2004 17:12, Deepak Jain wrote: > Would anyone be interested in receiving a text or BGP feed of IPs of > hosts known/suspected to be compromised and used as parts of DDOS > attacks? Would anyone be interested in contributing their BGP views? > > We have (and I'm sure we're not isolated) been seeing attacks from > several thousand/tens of thousands of unique hosts generated >2Gb/s, > > >1Mpps attacks. > > I am not necessarily suggesting that providers use this list to > blackhole at their edge, but its certainly a good candidate for that. It > could alternatively be used by access providers to notify their > customers or filter on their customers. I am sure it would also be a > good list to use to deny traffic to SMTP servers from/to. > > I'm not really an activist, so if there is real interest, I will be glad > to set it up and contribute our own significant list of sources. > > If this is already done and I don't have a good set of skills with > Google, please let me know. > > Thanks in advance, > > Deepak Jain > AiNET