[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Re: Deny List Project

Subject: Re: [cobalt-users] Re: Deny List Project
From: flash22@xxxxxxx
Date: Thu Feb 22 02:01:03 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

On Wed, 21 Feb 2001, Charles Williams ( CEO ACNS ) wrote:
> >
> > I have started a Centralized Deny List.  If you wish to help out and
> > contribute just send your deny list to denylist@xxxxxxxxxxx
> >
> > Am working on cron job now for automatic update of list.

How about a parser with a known expected magic word in it? then people
running portsentry could just have the alert scripts email you (cc)things
that are being blocked...or does this seem to 'touchy'?

Would also provide a way to list a reason , eg, tried accessing port 12345

If your gonna make the registration that complicated you need a form -/

7. Upstream Provider 

lol, abuse@ from mine bounces....

MAC address is probably worthless, if they are close enough to you that
you can get ARP packets you might as well just walk over and slap them
silly -/

Don't make it *too* hard to get off the list, for example a large well
known .edu got rooted recently (3 actually;) once they recover the machine
there is no good reason to keep the IP....

2cents

gsh

References:
- [cobalt-users] Re: Deny List Project
  - From: Charles Williams \( CEO ACNS \)

Prev by Date: Re:[cobalt-users] DNS/BIND Attacks
Next by Date: Re: [cobalt-users] Raq4r Backup
Previous by thread: [cobalt-users] Re: Deny List Project
Next by thread: [cobalt-users] Formmail Basics

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index