North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: compromized host list available
On 7/21/05, Joseph S D Yao <[email protected]> wrote: > > On Wed, Jul 20, 2005 at 04:32:09PM -0700, Rick Wesson wrote: > > Folks, > > > > I've developed a tool to pull together a bunch of information from > > DNSRBLs and mix it with a BGP feed, the result is that upon request I > > can generate a report of all the compromised hosts on your network as > > seen by various DNSRBLs. ... > Unless you have personally verified each entry, you would do well to add > a disclaimer that DNSRBLs are not 100% reliable, eh? Well there is that, but that should be implicit in pretty much every report you get that $this or $that host is compromised. This is just a convenient offering to say "someone out there thinks one of your machines is holed. You might want to check that out." I'm good friends with some fully-automated blackholing mechanisms, and even I'm not crazy enough to just blackhole my own machines on someone else's say-so. CK -- GDB has a 'break' feature; why doesn't it have 'fix' too?
|