Full Disclosure mailing list archives
Compromised host list - some clarification...
From: James Lay <jlay () slave-tothe-box net>
Date: Tue, 21 Feb 2006 07:16:35 -0700
So ok.....I'm completely positive I didn't make myself clear at all in my previous message...go me! Here's a web site that I did manage to find that has a current list of open proxies: http://www.samair.ru/proxy/index.htm My hope is that I could find a site that has a list of currently reported open proxies, scanners, and ssh brute force boxes. The RBL's pretty much have smtp covered. I would run a cron job at midnight, wget and grep the file, then create an iptables table to block those hosts. This is an attempt to be more proactive then reactive...if I knew those hosts that were actively doing naughty things, why not block them at the get go? Does this make sense? Am I barking up the wrong tree? Thanks all =) James _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Compromised host list - some clarification... James Lay (Feb 21)
- Re: Compromised host list - some clarification... Robert P. McKenzie (Feb 21)
- Re: Compromised host list - some clarification... James Lay (Feb 21)
- Re: Compromised host list - some clarification... Dean Pierce (Feb 21)
- Re: Compromised host list - some clarification... Robert P. McKenzie (Feb 21)