From: (no name) (no email)
Date: Mon Jan 28 2008 - 18:22:53 EST
On Sun, 27 Jan 2008 12:21:27 PST, "Tomas L. Byrnes" said:
> I'm the CTO and founder of ThreatSTOP (www.threatstop.com), and we're
> currently propagating the DShield, and some other, block lists for use
> in firewalls. I'm interested in gathering additional threat information,
> and serving additional communities.
>
> Is there any interest in a collaborative platform where anonymized
> candidates for blocking would be submitted by a trusted group, and then
> propagated out to the whole group?
http://www.ranum.com/security/computer_security/editorials/dumb/
This illustrates dumb idea #2. Explain to me how you intend to enumerate
enough of the "bad" hosts out there that such a blocklist would help, while
still having it small enough that you don't blow out the RAM on whatever
device you're installing it on. Have you *tested* whatever iptables/ipf/ACL
for proper operation with 10 million entries?
|
|
|